Cyber Security News

Start. Stay. Grow.

Curated daily. The latest hacks, breaches, and cyber trends—humanized.

Daily cyber brief

Wednesday, May 13, 2026

Hacking Brief – May 13, 2026

Canvas Breach Resolved Through Ransom Payment

Instructure, the parent company of the widely-used Canvas learning management system, confirmed it reached an agreement with the ShinyHunters threat actor group to delete 3.65TB of stolen data affecting nearly 9,000 educational institutions worldwide. The ransomware attack, which disrupted final exams at universities including the University of Illinois, compromised student ID numbers, email addresses, names, and private Canvas messages belonging to approximately 275 million individuals. ShinyHunters had threatened to publicly dump the data unless a ransom was paid. The attack temporarily forced Canvas offline during a critical period for academic institutions, with some universities forced to reschedule finals. The incident highlights persistent vulnerabilities in the education technology sector.

Google Reports First AI-Assisted Zero-Day Discovery

Google's Threat Intelligence Group announced the detection of what appears to be the first known case of threat actors using artificial intelligence to discover and weaponize a zero-day vulnerability. The exploit targeted two-factor authentication bypass mechanisms, and Google assesses it likely prevented what could have been a "mass exploitation event." This marks a significant milestone in offensive security capabilities, confirming long-standing concerns about AI-accelerated vulnerability research. Separately, Iran-linked threat actor Seedworm was observed in a global espionage campaign that breached a Korean electronics manufacturer, using DLL sideloading with signed Fortemedia and SentinelOne binaries for persistence and data exfiltration. Additionally, a pro-Iran hacking group launched attacks against San Jose-based eBay, while ransomware operations continued to target industrial infrastructure, with West Pharmaceutical Services and Foxconn's North American factories both confirming disruptive attacks.

Sources: Long Beach Post · SMH · The Hacker News · CNBC · Security.com · Yahoo · SecurityWeek · 9to5Mac

Around the Web

Last Updated: N/A

Hacks + Heists

Seedworm: Iran-Linked Hackers Breached Korean Electronics Maker in Global Spying Campaign

Iran-linked threat actor abused signed Fortemedia and SentinelOne binaries for DLL sideloading and exfiltrated data through a public file-transfer ...

Pro-Iran hacking group targets California tech company in flurry of attacks - Yahoo

San Jose-based eBay was hammered by a massive cyberattack allegedly carried out by a pro-Iran hacking group that's now threatening some of world's ...

5 Steps the FBI Wants You to Take to Secure Your Router Right Now - CNET

The UK's National Cyber Security Centre includes a number of TP-Link routers specifically targeted by the hackers. While that news sounds pretty ...

Instructure Pays Ransom to Canvas Hackers - Inside Higher Ed

Although the monetary value of the deal is unknown, Instructure says the cybercriminals have returned the hacked personal data and offered ...

Linux Critically Vulnerable: Two Kernel Exploits Dropped, Giving Root in Seconds

Two critical unpatched Linux kernel exploits including 'Dirty Frag' allow attackers to gain root privileges across all major distributions.

Big Cyber

Foxconn breach underscores rising cybersecurity threats facing Apple suppliers - digitimes

Hon Hai Precision Industry, also known as Foxconn, said some of its facilities in North America were hit by a cyberattack, according to a ...

Canvas data breach resolved, Instructure CEO apologizes

Canvas came back online at educational institutions after Instructure reached a deal with hackers to delete stolen sensitive data.

Google researchers uncover criminal zero-day exploit likely built with AI

Google's threat intelligence researchers linked a zero-day exploit to AI-assisted development that allowed attackers to bypass two-factor authenticati...

Cloudflare Lays Off 1,100 Employees in AI-Driven Restructuring

Cloudflare announced it is laying off more than 1,100 employees worldwide as part of an AI-driven restructuring plan despite topping revenue and earni...

The Cybersecurity Chronicles

‘The Cybersecurity Chronicles: 2024‘ pulls back the curtain on the digital threats that shaped our world last year, revealing the human stories behind the headlines. From art galleries frozen by ransomware to prison tablets hacked with a minus sign, from British Library archivists racing to protect centuries of knowledge to Spotify users meticulously curating their digital identities – these stories illuminate how cybersecurity touches every aspect of modern life.

Author Mark Nole weaves together intimate portraits of the people on all sides of the digital battlefield: the defenders working through sleepless nights to protect critical infrastructure, the victims grappling with stolen identities and lost savings, and even the attackers themselves, operating from nondescript offices with project management software and performance metrics.

Through detailed reporting and narrative storytelling, Nole reveals how 2024 became the year when cybersecurity stopped being just a technical problem and emerged as a fundamentally human challenge. Whether you’re a security professional or simply someone trying to understand our increasingly digital world, these chronicles offer an unprecedented look at how technology shapes – and sometimes betrays – our trust, our privacy, and our lives.

Mark Nole Book Cover for Cybersecurity book

Stay Updated with Cyber Security News

Get the latest cybersecurity headlines, breaking news, and expert insights delivered directly to your inbox. Stay ahead of threats and informed about the digital landscape.

Join thousands of cybersecurity professionals and enthusiasts. No spam, just valuable insights.