惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

S
Secure Thoughts
Recent Commits to openclaw:main
Recent Commits to openclaw:main
H
Heimdal Security Blog
SecWiki News
SecWiki News
H
Hacker News: Front Page
N
News | PayPal Newsroom
L
LINUX DO - 最新话题
N
News and Events Feed by Topic
TaoSecurity Blog
TaoSecurity Blog
AI
AI
C
Cybersecurity and Infrastructure Security Agency CISA
Scott Helme
Scott Helme
PCI Perspectives
PCI Perspectives
S
Securelist
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
Cyberwarzone
Cyberwarzone
A
Arctic Wolf
Forbes - Security
Forbes - Security
T
Tor Project blog
Spread Privacy
Spread Privacy
WordPress大学
WordPress大学
I
Intezer
Martin Fowler
Martin Fowler
Help Net Security
Help Net Security
P
Proofpoint News Feed
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
Cisco Talos Blog
Cisco Talos Blog
Latest news
Latest news
博客园 - 司徒正美
W
WeLiveSecurity
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
V
V2EX
P
Palo Alto Networks Blog
Google DeepMind News
Google DeepMind News
IT之家
IT之家
阮一峰的网络日志
阮一峰的网络日志
V
Vulnerabilities – Threatpost
Jina AI
Jina AI
S
Security Affairs
Hacker News - Newest:
Hacker News - Newest: "LLM"
Simon Willison's Weblog
Simon Willison's Weblog
Project Zero
Project Zero
T
Threatpost
P
Privacy International News Feed
人人都是产品经理
人人都是产品经理
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Application and Cybersecurity Blog
Application and Cybersecurity Blog
博客园 - Franky
Hugging Face - Blog
Hugging Face - Blog
Apple Machine Learning Research
Apple Machine Learning Research

Enterprise – Silicon Republic

Commission refers Ireland to CJEU for failing to enact cyber rules Cloudflare to block AI crawlers from ad-supported webpages by default Google ordered to pay Klarna nearly $2bn in abuse-of-power row Upcoming iPhone 18 model leaked in Tata Electronics hack Data breaches going unreported – Irish compliance survey Cybersecurity warning for Irish businesses ahead of EU Presidency Dublin's TensorX to partner with Solstice on sovereign European AI Irish Internet Hotline named Trusted Flagger under EU Digital Services Act Don't panic, prepare: A cyber expert's advice on the Mythos hype Day-to-day cyber incidents driving loss for SMEs, finds report Anthropic to reassess Claude Fable 5 AI development restrictions after backlash Anthropic rolls out ‘Mythos-like’ AI model Claude Fable 5 EMEA firms underestimating 'routine risks', finds cyber report More than 20,000 Instagram accounts hacked using Meta AI bug Report: Irish firms cut cybersecurity spend despite rising risks TCS launches sovereign cloud offering in Europe ECB urging action on AI from lenders’ IT departments Hackers access GitHub, download codebase in Grafana Labs breach Europe's public sector deploying AI faster than it can manage – report UK watchdog probes Microsoft over interoperability issues Foxconn confirms cyberattack on North American facilities Clear gap between AI expectations and preparedness, finds report ShinyHunters demands ransom after Canvas hack EU agrees to simpler AI rules and complete ‘nudification’ ban What’s the difference between IT and OT security? Opinion: Why ISO 27001 alone won't save your data from itself Report: Medical device cyberattacks on the rise AI race intensifies with Google's new agent management platform Anthropic probing reported Mythos leak on Discord Nearly 75pc of AI’s economic value captured by just 20pc of companies Anthropic’s Mythos to bolster cybersecurity at UK banks The death of ETL: Is zero-copy a ‘liberation’ for data teams? After Anthropic, OpenAI launches cyber-specific AI model The Interview: Dentons' Carlo Salizzo on three forces defining digital law Anthropic's Mythos a game-changer, NCSC chief tells Oireachtas Mythos just first of power models to come: Anthropic co-founder New XP95 hacker group targets Dublin recruitment platform Healthdaq OpenAI apps for MacOS exposed by threat Mythos testing begins as governments raise cyber concerns Anthropic's Glasswing project employs Mythos to prevent AI cyberattacks Is your data integrity framework just a fancy spreadsheet? Ireland begins digital wallet testing and consultation How is Australia working to make data centres more sustainable? China's DeepSeek suffers rare outage lasting several hours ShinyHunters claims responsibility for European Commission breach Security first: Why cybersecurity needs to adapt in the age of AI iOS hacking tool 'DarkSword' leaked on GitHub China’s Alibaba could launch Qwen for enterprise this week Stryker's Cork site hit by global cyberattack Office.eu and the hope for a digitally sovereign Europe How fully homomorphic encryption is reshaping secure AI Major phishing operation disrupted in joint Europol action Hacking tool with possible US origins targets outdated iPhones Pure Storage, now Everpure, to acquire 1touch Hacker used commercial AI to breach 600 firewalls: AWS Why cloud strategies are pivoting from reaction to precision ‘Complexity is where cyber risk tends to grow’ ‘In cyber, bridging the gap between the server room and boardroom is crucial’ AWS expanding in Belgium, Netherlands and Portugal, amid sovereign cloud launch
Canvas parent settles with hacker group that stole user data
Suhasini Srinivasaragavan · 2026-05-12 · via Enterprise – Silicon Republic

Instructure did not say what it had given the hacker group in exchange for the terms.

Instructure, the parent company behind Canvas, the education management platform reportedly hacked by ShinyHunters, has reached an agreement with the cyber gang, it said yesterday (11 May). Hackers had given affected universities until tomorrow (12 May) to negotiate a settlement.

As per the agreement, the cyber extortion group has returned stolen data and deleted copies, and has agreed not to extort the institutions affected in the hack, Instructure said. The company did not say what it had given the hacker group in exchange for the terms.

Reportedly formed around 2020, ShinyHunters has claimed responsibility for an array of high-profile, financially motivated attacks in recent years on organisations such as Salesforce, Allianz Life, SoundCloud, Ticketmaster and Tinder-parent Match Group.

The group was linked to a breach of the European Commission’s Europa.eu platform in March, where 350GB of data, across multiple databases, was reportedly accessed and stolen.

Hackers seemingly began targeting edtech giant Instructure late last month; the company started noticing unauthorised activity in Canvas on 29 April, and later on 7 May.

ShinyHunters claimed responsibility for the attacks and said it stole 280m records. The threat actor also published a list of more than 8,800 institutions that were affected by its attacks on Canvas. In a 3 May ransom note, it threatened to leak “several billions of private messages among students and teachers”.

In Ireland, the platform is used by the likes of University of Galway and Munster Technological University – both of which faced disruptions following the hack.

Instructure, at the time, said the stolen information includes user identifying information such as names, email addresses, messages and student ID numbers at affected institutions. It has reported the breach to the FBI, the US Cybersecurity and Infrastructure Security Agency and other law enforcement agencies, it said.

In its latest update, the company said that the unauthorised actor exploited an issue related to its ‘free-for-teacher’ accounts to hack Canvas. As a result, the feature was temporarily shut down; all services, however, are now fully operational, it added.

“ShinyHunters timed this attack to sting as much as possible,” said Raluca Saceanu, the CEO of Smarttech247.

“With exam season underway and academic years drawing to a close, schools and universities needed Canvas working. That dependency gave ShinyHunters the leverage to lay out the terms of their deal. For Canvas, and its parent Instructure, it was agree to terms or lose customers.

“While technical recovery time from ransomware attacks is accelerating, attackers are responding by shifting their focus and making the broader organisational consequences more damaging than ever.

“It’s not just a question of causing as much potential damage as possible. From the attackers’ point of view, these newer approaches are faster, cheaper, stealthier and carry lower technical risk. And the core law of extortion anywhere holds – even if a victim pays, there’s no guarantee data won’t be exposed anyway, and the organisation has now marked itself as a valuable target.”

Don’t miss out on the knowledge you need to succeed. Sign up for the Daily Brief, Silicon Republic’s digest of need-to-know sci-tech news.