Latest Cybersecurity news, threat intelligence, and in-depth analysis.
Instructure paid an undisclosed ransom after the ShinyHunters group breached its Canvas Learning Management System, impacting academic operations during final exams and affecting millions of students and faculty. The attack, detected on April 29, 2026, involved two phases: an initial compromise and a re-breach after Instructure claimed resolution. What Happened On April 25, 2026, ShinyHunters […]
Hundreds of malicious package versions were uploaded across both the npm and PyPI ecosystems in two distinct phases, starting April 29, 2026, and again on May 11, 2026, signaling a sophisticated supply chain attack targeting open-source development. Unlike isolated package compromises, this campaign specifically infiltrated entire groups of related packages, magnifying its potential reach and […]
Microsoft Exchange Server [CVE-2026-42897] Zero-Day Exploited In-The-Wild On May 14, 2026, Microsoft publicly disclosed CVE-2026-42897, a high-severity cross-site scripting (XSS) zero-day affecting on-premises Microsoft Exchange Server products. This vulnerability is actively exploited in the wild, enabling attackers to perform spoofing and session abuse. Immediate application of temporary mitigations like the Exchange Emergency Mitigation Service (EEMS) […]
Palo Alto Networks [CVE-2026-0300] Zero-Day Exploited by State-Sponsored Group A critical zero-day vulnerability (CVE-2026-0300) in Palo Alto Networks' PAN-OS software, actively exploited by a likely state-sponsored actor since April 2026, allows unauthenticated attackers root privileges on affected firewalls. This buffer overflow flaw, CVSS 9.3 (Critical), targets the User-ID Authentication Portal, enabling remote code execution (RCE) […]
Two new zero-day exploits, 'YellowKey' and 'GreenPlasma,' affecting Microsoft Windows, were publicly disclosed on May 13, 2026, by a researcher using the aliases 'Chaotic Eclipse' and 'Nightmare Eclipse.' Attackers rapidly exploited both vulnerabilities within 24 hours of their public release, as confirmed by The Hacker News. This uncoordinated disclosure, timed with Microsoft's Patch Tuesday without […]
West Pharmaceutical Services confirmed a ransomware attack on May 4, 2026, leading to significant disruption across its global manufacturing and shipping operations. Separately, the Nitrogen ransomware group claimed to have targeted Foxconn's North American factories and alleged the exfiltration of 8TB of sensitive intellectual property. This dual targeting of critical manufacturing components underscores an escalating […]
A critical Linux kernel zero-day exploit, disclosed on May 13, 2026, allows attackers to gain root access to affected systems using a 732-byte payload. This vulnerability affects Linux kernel versions 5.15 through 6.8, impacting hundreds of millions of production systems globally. No official patch or CVE ID has been released, leaving operations teams without an […]
Linux Kernel CVE-2026-46300 Fragnesia LPE Grants Root Access A new local privilege escalation (LPE) vulnerability, codenamed 'Fragnesia' (CVE-2026-46300), allows unprivileged local attackers to achieve immediate root privileges across major Linux distributions. This is the third deterministic LPE found in two weeks, leveraging similar page cache corruption techniques as 'Copy Fail' and 'Dirty Frag', indicating a […]
A breach of Instructure's Canvas Learning Management System (LMS) by the ShinyHunters cybercrime group exposed data from potentially 8,809 educational institutions, according to claims by the attackers and reporting by BleepingComputer. This incident led to extensive data theft and an aggressive extortion campaign that crippled educational services for millions. What Happened Instructure, the company behind […]
