Instructure pays ransom after Canvas incident as Congress announces investigation
The company said its agreement with the hackers involved their data being “returned” to them and digital confirmation of data destruction.
NSO
Unknown
auto-detected
AI Intelligence Brief cached
Edit Profile
Entity Relationships
Related YARA Rules View all on YARA Rules page →
90-Day Activity
All Articles (166)
Last 90 Days
All Time
West Pharmaceutical Services Hit by Disruptive Ransomware Attack
The company took systems offline globally after hackers exfiltrated data and deployed file-encrypting ransomware. The post West Pharmaceutical Services Hit b...
WannaCry, the ransomware attack that changed the history of cybersecurity
WannaCry showed how unpatched flaws and leaked cyber tools can cripple global systems, reshaping cybersecurity defenses worldwide. In memory of the day the d...
Instructure Reaches Ransom Agreement with ShinyHunters to Stop 3.65TB Canvas Leak
American educational technology company Instructure, the parent company of Canvas, said it reached an "agreement" with a decentralized cybercrime extortion g...
State of ransomware in 2026
Kaspersky researchers are sharing insights into the main ransomware trends for 2026: EDR killers on the rise, switching from data encryption to data leaks, a...
Pressure mounts on Canvas as data leak extortion deadline looms
Attackers affiliated with The Com are threatening to leak data from more than 8,800 school systems if Instructure doesn’t pay a ransom. The post Pressure mou...
UK water company allowed hackers to lurk undetected for nearly two years, regulator finds
The Information Commissioner's Office (ICO) fined South Staffordshire Water £963,900 ($1.3 million) on Monday over an attack by the Cl0p ransomware group tha...
ShinyHunters Escalates Canvas Extortion with School by School Ransom Campaign
ShinyHunters has escalated its Canvas extortion campaign, defacing hundreds of school login pages and threatening to leak stolen data unless institutions neg...
The State of Ransomware – Q1 2026
Key Findings Ransomware in Q1 2026: Consolidation at Scale During the first quarter of 2026, we monitored more than 70 active data leak sites (DLS) that coll...
Windows CreateFileW API Flaw Could Let Attackers Lock SMB Files at Scale
The multi-billion-dollar ransomware defence industry operates on a fundamental assumption: to cause catastrophic operational damage, malicious actors must wr...
RansomHouse says it breached Trellix and exposes internal systems
RansomHouse claimed responsibility for the Trellix breach, adding the security firm to its Tor data leak site and sharing screenshots of internal systems. Th...
CISA urges critical infrastructure to plan for prolonged service delivery during emergencies
CISA is warning that state-sponsored hackers, specifically Chinese groups known as Salt Typhoon and Volt Typhoon, pose a continuous threat to vital sectors s...
Trellix source code breach claimed by RansomHouse hackers or RansomHouse hackers claim Trellix source code breach
The attack on the Trellix source code repository disclosed last week has been claimed by the RansomHouse threat group, which leaked a small set of images as ...
Trellix source code breach claimed by RansomHouse hackers
The attack on the Trellix source code repository disclosed last week has been claimed by the RansomHouse threat group, which leaked a small set of images as ...
Trellix Investigates RansomHouse Breach Claims Involving Source Code Repository
Leading cybersecurity firm Trellix is actively investigating a potential security incident following claims made by the RansomHouse extortion group. The thre...
Ransomware Group Takes Credit for Trellix Hack
RansomHouse has published several screenshots to demonstrate access to internal Trellix services. The post Ransomware Group Takes Credit for Trellix Hack app...
Iranian government hackers using Chaos ransomware as cover, researchers say
Incident responders from cybersecurity firm Rapid7 published a report about a recent intrusion that initially appeared to be a Chaos ransomware attack but wa...
Iranian threat group used Chaos ransomware as a ‘false flag,’ researchers say
The purported ransomware attack did not encrypt files and used infrastructure tied to MuddyWater.
State-sponsored hackers likely behind zero-day attacks on Palo Alto firewalls
Palo Alto Networks believes the in-the-wild exploitation of a zero-day vulnerability (CVE-2026-0300) in its firewalls is likely the work of state-sponsored t...
Why Outdated Maintenance Software Is a Growing Ransomware Risk
Outdated maintenance software increases ransomware risk by exposing weak access controls, unpatched systems, and critical operational data to attackers.