Tag: learning management system
10 articles

Hackers Exploit KnowledgeDeliver Flaw to Install Web Shells
Hackers have exploited a critical flaw in KnowledgeDeliver, using it as a zero-day to sneakily install a powerful .NET web shell called Godzilla on vulnerable servers. This sneaky attack was made possible by a deserialization vulnerability, CVE-2026-5426, that allowed threat actors to execute code at the operating-system level.

SaaS Providers Face Trust Crisis After Canvas Breach
A massive breach of the Canvas learning management system has left 275 million users reeling, compromising student records and disrupting learning at over 8,800 institutions worldwide. The shocking incident has sparked a trust crisis for SaaS providers, raising urgent questions about security and data protection.

Mandiant Exposes KnowledgeDeliver Vulnerability via ViewState Deserialization
A critical vulnerability, CVE-2026-5426, was discovered in KnowledgeDeliver installations, allowing unauthenticated remote code execution across multiple customer sites due to identical ASP.NET machineKey values. This widespread flaw was caused by a standardized web.config with hardcoded keys, used across deployments, leaving sites vulnerable to attack.

Instructure Negotiates Data Return After Ransomware Breach
In a major win for data security, Instructure has successfully negotiated the return of stolen data and confirmed its destruction after a ransomware breach affected nearly 9,000 educational institutions using its Canvas Learning Management System. The company has ensured that its affected customers are protected and won't be individually targeted for extortion.

US House Panel Probes Instructure Over Massive Canvas Cyberattack
A massive cyberattack on Instructure's Canvas platform has sparked a congressional investigation, after hackers claimed to have stolen a staggering 280 million data records from nearly 9,000 schools and online education platforms. The breach has left schools reeling, especially during final exams, and is raising urgent questions about data security.

Instructure Pays Ransom to ShinyHunters to Prevent 3.65TB Canvas Data Leak
In a stunning move, Instructure paid a ransom to the notorious ShinyHunters group to prevent a massive 3.65TB data leak from its Canvas learning-management system. The Utah-based company reached a deal with the hackers, securing the safe return of stolen data and a guarantee that its customers wouldn't be extorted individually.

ShinyHunters Targets Education Sector with School-by-School Ransom Push
ShinyHunters has launched a targeted ransom attack on the education sector, exploiting a vulnerability in Canvas Learning Management System to steal a staggering 275 million records from nearly 9,000 schools and universities. The timing couldn't be more critical, with exams already underway and academic years wrapping up.

ShinyHunters Breach Exposes 9,000 Schools in Canvas Hack
A massive data breach has hit Canvas, a popular learning management system, with hackers claiming to have stolen several terabytes of sensitive data, including personal info for 275 million users, from 9,000 schools. The notorious ShinyHunters group is now demanding action, threatening to leak everything if their demands aren't met.

Instructure Data Breach Exposes Sensitive Information
A massive data breach at Instructure has potentially exposed the sensitive information of 275 million individuals, making it one of the largest breaches in recent weeks. The incident, which was disclosed on May 1, is still under investigation, with the company working closely with experts to contain the damage and keep users informed.

Instructure Breach Exposes Data of 275 Million Users
A recent data breach at Instructure, the company behind Canvas, has compromised the sensitive information of 275 million users, including names, email addresses, student ID numbers, and private messages. The company is actively investigating the incident with cybersecurity experts and law enforcement.