Cyberattack Hits Canvas System Used by Thousands of Schools as Finals Loom
A system that thousands of schools and universities use went offline due to a cyberattack, creating chaos as students tried to study for finals. The post Cyberattack Hits Canvas System Used by Thousands of Schools as Finals Loom appeared first on SecurityWeek.
A system that thousands of schools and universities use was offline Thursday during a cyberattack, creating chaos as students tried to study for finals and underscoring education’s dependence on technology.
The hacking group named ShinyHunters claimed responsibility for the breach at Canvas, said Luke Connolly, a threat analyst at the cybersecurity firm Emisoft. Instructure, the company behind Canvas, didn’t immediately respond to a request for comment or questions about whether the system was taken down as a precaution or because the hackers knocked it offline.
Canvas is used to manage grades, course notes, assignments, lecture videos and more. The hacking group posted online that nearly 9,000 schools worldwide were affected, with billions of private messages and other records accessed, Connolly said.
Related breach coverage
- Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants2026-05-08
The hackers gained the ability to modify equipment operational parameters, creating a direct risk to the public water supply. The post Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants appeared first on SecurityWeek.
- Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion2026-05-07
Dragos has published a report describing how threat actors used Claude AI in an attack on a water and drainage utility in Mexico. The post Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion appeared first on SecurityWeek.
- Iranian APT Intrusion Masquerades as Chaos Ransomware Attack2026-05-06
Likely perpetrated by MuddyWater, the attack combined social engineering, persistence, credential harvesting, and data theft. The post Iranian APT Intrusion Masquerades as Chaos Ransomware Attack appeared first on SecurityWeek.
- Critical Remote Code Execution Vulnerability Patched in Android2026-05-05
CVE-2026-0073 affects Android’s System component and it can be exploited without any user interaction. The post Critical Remote Code Execution Vulnerability Patched in Android appeared first on SecurityWeek.