1. The ShinyHunters threat group claims to have stolen 275 million records from Canvas LMS affecting 9000 schools with a ransom deadline set for May 12 (Reddit).
2. Instructure reported a second security incident involving its Canvas platform following the massive data breach (Reddit).
3. The official JDownloader website was compromised to distribute malicious installers containing a Python based remote access trojan (BleepingComputer).
4. A malicious Hugging Face repository impersonating an OpenAI project was discovered distributing information stealing malware to Windows users (BleepingComputer).
5. cPanel released patches for three vulnerabilities in cPanel and Web Host Manager that could lead to privilege escalation and remote code execution (The Hacker News).
6. A college student reportedly hacked the Taiwan high speed rail line using software defined radios which resulted in the stoppage of four trains (Reddit).
7. A new vulnerability identified as CVE 2026 44843 allows for credential theft via a single chat message (Reddit).
8. Lumma stealer malware was identified as being distributed through a fraudulent recaptcha scam (Reddit).
9. Researchers identified EagleSpy V6.0 which is a rebrand of CraxsRAT being actively distributed through Telegram and Odysee (Reddit).
10. Experts are discussing the failure of traditional 90 day disclosure windows due to the rapid acceleration of exploit development timelines (Reddit).
11. Security researchers are investigating memory poisoning techniques targeting AI agents via ChromaDB (Reddit).
12. New research demonstrates the use of large language models to identify remote Linux kernel out of bounds write vulnerabilities (Reddit).
Be First to Comment