Category: Security

man in gray crew neck t-shirt using laptop computer
Security

ShinyHunters’ Salesforce assault exposed 275M Canvas users — a supply-chain problem, not just an LMS outage

ShinyHunters claims it extracted roughly 3.65 TB of data from Instructure’s systems, affecting about 275 million people across nearly 9,000 institutions. This was not simply a broken Canvas instance: investigators say the attackers used compromised Salesforce credentials and API keys tied to Instructure’s SaaS stack, turning a single vendor compromise into a global extortion campaign. […]

admin 
black laptop computer turned on near black and white electronic devices
Security

Active, unauthenticated RCE in Ivanti EPMM — interim RPMs stop attacks but 12.8.0.0 (Q1 2026) is the real fix

Two critical Ivanti EPMM zero-days (CVE-2026-1281 and CVE-2026-1340) are being exploited in the wild to achieve unauthenticated remote code execution. Interim RPM patches stop the immediate attacks, but they must be re-applied after upgrades; a permanent fix is scheduled for EPMM 12.8.0.0 in Q1 2026. Observed exploitation and its immediate effects Attackers are sending simple, […]

admin 
a group of people sitting around a table with laptops
Security

Mozilla’s Mythos Test: 271 Firefox 150 Bugs Show AI Finds Far More — But Creates Remediation and Governance Strain

Mozilla’s early access work with Anthropic’s Mythos model turned up 271 vulnerabilities in Firefox 150 — more than ten times the 22 issues Anthropic’s Opus 4.6 flagged in Firefox 148 — demonstrating a sharp jump in discovery rate that has immediate operational consequences for maintainers and defenders. What Mythos actually revealed in Firefox Mythos autonomously […]

admin 
Digital screens display data on a circuit board background
Security

CVE-2026-0300: If your Palo Alto User-ID Authentication Portal is internet-exposed, lock it down now — patches start May 13

A critical PAN-OS zero-day, CVE-2026-0300, is being actively exploited but only when Palo Alto Networks’ User-ID Authentication Portal is reachable from untrusted networks. Patches begin rolling out on May 13, 2026; until your appliances are updated, restricting or disabling the portal is the practical defense that changes your immediate risk profile. Portal-exposed versus default deployments: […]

admin 
Spacious and minimalist computer lab with rows of black monitors and sleek furniture.
Security

ShinyHunters claims 3.65 TB from Canvas — breach exposes systemic third‑party and CRM risks in EdTech

Instructure’s Canvas platform has suffered a large-scale data theft that ShinyHunters says totaled 3.65 terabytes of information tied to roughly 275 million people at nearly 9,000 schools. The central signal: attackers repeatedly exploited third‑party integrations and cloud CRM access, not exposed passwords or direct financial systems. How attackers leveraged integrations and CRM access Security researchers […]

admin 
a room with computers and chairs
Security

Timeline: After the March 12 patch, Weaver E‑cology CVE‑2026‑22679 was exploited via an unauthenticated debug API — endpoint defenses stopped persistence

A critical unauthenticated RCE in Weaver E‑cology 10.0 (CVE‑2026‑22679) was actively exploited in mid‑ to late‑March 2026 after the vendor released a patch on March 12; endpoint defenses intervened and prevented persistent compromise, leaving timely patching as the primary remediation. How the March exploitation sequence unfolded The vendor released a patch on March 12, 2026; […]

admin 
a man sitting in front of two computer monitors
Security

CVE-2025-60710: CISA’s active‑exploit designation turns a TaskHost privilege bug into a two‑week patch emergency

CISA’s addition of CVE-2025-60710 to the Known Exploited Vulnerabilities list makes a previously theoretical Windows Task Host privilege escalation a present operational threat: federal agencies have two weeks under BOD 22‑01 to patch, and all organizations should treat this as a priority where detection will not substitute for patching. CISA’s designation versus the bug’s mechanics […]

admin 
a black case filled with electronics on top of a white table
Security

KB5082200 tightened .rdp consent and Secure Boot rollouts — but the new warnings aren’t a phishing shield

Microsoft’s April 2026 Windows 10 update (KB5082200) forces explicit user consent when opening .rdp files and stages new Secure Boot certificates; those are concrete, operator-level changes, but they do not make .rdp-based phishing impossible. Administrators need to treat the update as a change in control points, not a substitute for policy and training. How KB5082200 […]

admin 
Customer paying with credit card at cafe counter.
Security

Anthropic briefed the Trump administration while suing the Pentagon — why Mythos forces banks and regulators to pick careful safeguards

Anthropic has simultaneously pushed Mythos into conversations at the highest levels of government and finance while locked in a legal fight with the Department of Defense—an unusual posture that makes Mythos a distinct governance and operational problem for banks, regulators, and infrastructure providers. What banks and financial regulators are being asked to weigh Mythos is […]

admin 
a desk with several monitors
Security

April 2026: Magecart operators hide credit‑card skimmers inside 1×1 SVGs using Magento PolyShell — patches still pre-release

In early April 2026, a Magecart campaign used a tiny, deliberate evasion technique—embedding a base64 JavaScript skimmer in a 1×1 pixel SVG’s onload attribute—to harvest card data from nearly 100 Magento stores while exploiting the PolyShell vulnerability; official Adobe fixes remain in pre-release. What unfolded in early April and why the SVG matters Recommended Reading […]

admin