ShinyHunters Breaches EdTech Giant Instructure, Exposing 275M Records; Critical cPanel Zero-Day Exploited in Widespread Attacks

Instructure Confirms Massive Breach; ShinyHunters Claims 275 Million User Records from Canvas LMS

Educational technology firm Instructure has confirmed a significant data breach affecting its widely used Canvas Learning Management System (LMS). The incident, which caused service disruptions starting May 1, 2026, has been claimed by the notorious extortion...

Ameriprise Financial Hit by Data Breach, Exposing Data of Nearly 48,000 Customers

Ameriprise Financial, a major U.S. financial services firm, has reported a data breach that exposed the personal and financial information of approximately 48,000 customers. The incident, which began on March 2, 2026, involved unauthorized access to stored dat...

Sandhills Medical Foundation Faces Class Action Probe Over Ransomware Attack Affecting 169,000 Patients

A ransomware attack on Sandhills Medical Foundation in 2025 has triggered a class action investigation announced on May 3, 2026. The breach, claimed by the 'Inc Ransom' group, exposed the personal and protected health information (PHI) of 169,017 patients. The...

New Ransomware Group 'Mnt6' Surfaces, Claims Attack on New Zealand Contractor McKay

A new ransomware group, identifying itself as 'Mnt6', has claimed responsibility for a cyberattack against McKay, a major New Zealand-based electrical contractor. The attack occurred in January 2026, but the nascent threat group only listed McKay on its darkne...

MoneyForward GitHub Breach Exposes Customer Data, Hardcoded Secrets

Japanese fintech leader MoneyForward Inc. has disclosed a data breach resulting from a compromise of its corporate GitHub account. The incident, which occurred between May 1 and May 3, 2026, led to the exposure of company source code and the personal data of 3...

Cybersecurity Vendor Trellix Confirms Breach of Source Code Repository

Cybersecurity vendor Trellix, formed from the merger of McAfee Enterprise and FireEye, has confirmed a security breach involving unauthorized access to a portion of its internal source code repository. The company stated it has engaged forensic experts and not...

Florida Physician Specialists Breach Exposes Extensive Patient Data, Prompts Legal Probe

Florida Physician Specialists, a medical practice based in Jacksonville, has disclosed a data breach that exposed a wide array of sensitive patient information. The incident, which took place between November 27 and 29, 2025, involved an unauthorized third par...

NSW Government Downgrades Treasury Cyber Incident, Cites Containment

The New South Wales (NSW) Government has officially downgraded the 'significant cyber incident' declared in April following an alleged internal data breach at NSW Treasury. On May 4, 2026, officials confirmed the incident is now contained and has moved to the...

IBM Executive Tom Parker Reportedly a Top Candidate for CISA Director

Tom Parker, a cybersecurity executive at IBM, is reportedly a leading candidate to be the next director of the U.S. Cybersecurity and Infrastructure Security Agency (CISA). According to sources familiar with the matter, Parker's extensive private-sector backgr...

Anodot Breach Leads to Supply Chain Attack on Snowflake Customers; ShinyHunters Claims Responsibility

Update:Video hosting platform Vimeo has confirmed it was impacted by the Anodot supply-chain attack, with ShinyHunters accessing its Snowflake and BigQuery instances. The breach exposed technical information, video titles, metadata, and some customer email addresses....

Critical Flaw in VECT 2.0 Ransomware Turns It Into a Destructive Wiper, Permanently Destroying Large Files

Update:New reports confirm that security firm Halcyon also contributed to the discovery of the critical VECT 2.0 ransomware flaw, alongside Check Point. The RaaS platform's promotion on BreachForums is highlighted, with affiliates reportedly receiving access keys in...

cPanel Zero-Day Auth Bypass (CVE-2026-41940) Actively Exploited for Months Before Patch

Update:New intelligence from The Shadowserver Foundation confirms widespread exploitation of CVE-2026-41940, with over 40,000 unique IP addresses associated with compromised cPanel servers observed. Attackers are leveraging this vulnerability to deploy 'Sorry' ransom...

AI-Enabled Cybercrime Fuels 389% Surge in Ransomware Victims, Fortinet Reports

Update:This update to Fortinet's 2026 Global Threat Landscape Report provides more granular technical insights into AI's impact on cybercrime. It explicitly identifies new MITRE ATT&CK techniques amplified by AI, including T1595.002 (Vulnerability Scanning), T1102 (W...