Instructure pays ransom after Canvas incident as Congress announces investigation
The company said its agreement with the hackers involved their data being “returned” to them and digital confirmation of data destruction.
The Record
19 articles
Texas sues Netflix over alleged data practices that create ‘surveillance machinery’ without user consent
In addition to fines, Texas is asking a judge to prevent Netflix from illegally collecting and sharing user data and to mandate that the company no longer us...
FCC pushes ban on security updates for foreign-made routers, drones to 2029
The router deadline, originally slated for March 1, 2027, has been pushed back to at least January 1, 2029, according to the announcement from the FCC’s Offi...
UK water company allowed hackers to lurk undetected for nearly two years, regulator finds
The Information Commissioner's Office (ICO) fined South Staffordshire Water £963,900 ($1.3 million) on Monday over an attack by the Cl0p ransomware group tha...
Dirty Frag: Linux kernel hit by second major security flaw in two weeks
The issue was found in the same area of the Linux kernel that produced last month’s Copy Fail bug, and also allows anyone with a basic account on an affected...
GM to pay over $12 million in California privacy settlement involving driver data
The settlement, announced by California officials Friday, is the largest fine issued under the California Consumer Privacy Act (CCPA) in its more than five-y...
Kingdom Market administrator given 16-year sentence
Slovakian national Alan Bill, 33, pleaded guilty in January to a conspiracy to distribute controlled substances charge after admitting to his role in running...
Virginia man found guilty of deleting 96 government databases
A Virginia man was convicted on federal charges Thursday after a jury found him guilty of deleting 96 government databases and stealing an individual’s passw...
Multiple universities forced to reschedule final exams after Canvas cyber incident
On Thursday, dozens of students took to social media to say they saw a message from a cybercriminal group as they navigated through Canvas, an educational pl...
Pro-Ukraine BO Team and Head Mare hackers appear to team up in attacks against Russia
Researchers at Moscow-based cybersecurity firm Kaspersky said they identified overlapping infrastructure and tools used by both groups — including command-an...
Iranian government hackers using Chaos ransomware as cover, researchers say
Incident responders from cybersecurity firm Rapid7 published a report about a recent intrusion that initially appeared to be a Chaos ransomware attack but wa...
North Carolina man pleads guilty to doxxing Supreme Court justices
The incident underscores the dangers public officials face from doxxing, as well as how easy it has become to find sensitive information online.
Polish intelligence warns hackers attacked water treatment control systems
The agency did not publicly attribute the incidents to a specific group or country but said Poland faced intensified hostile cyber activity in 2024 and 2025,...
European leaders unveil tentative deal for AI Act simplification, including a ban on nudification tools
The tentative deal responds to industry criticism by postponing enforcement of rules governing so-called “high-risk” AI tools involving biometrics and those ...
North Korean hackers targeted ethnic Koreans in China with Android ‘BirdCall’ malware
Researchers at cybersecurity firm ESET attributed the campaign to APT37 and said the hackers used a backdoor attached to a suite of card games from a company...
Palo Alto warns of critical software bug used in firewall attacks
A patch for the bug, tracked as CVE-2026-0300, has not been published yet and Palo Alto Networks said it will be included in releases over the next two weeks.
New CISA initiative aims for critical infrastructure to operate offline during cyberattacks
The initiative, named CI Fortify, focuses on isolation and recovery efforts that would see critical infrastructure organizations proactively disconnect from ...
Hackers compromise Daemon Tools in global supply-chain attack, researchers say
Researchers at Kaspersky said attackers tampered with installers for Daemon Tools — a popular program used to mount disk images as virtual drives — and distr...
FTC bans data broker Kochava from selling sensitive location info
The FTC has said that Kochava sold precise geolocation data showing consumers visiting houses of worship and health care clinics without their consent or awa...