#cybersecurity
#cybersecurity

Privacy professionals

American Lending Center Data Breach Affects 123,000 Individuals

Privacy professionals

US lawmakers demand answers from Instructure after Canvas data breaches | TechCrunch

Government to Scrutinize Instructure Over Canvas Disruption, Data Breach

Instructure faced repeated Canvas intrusions, exploited Free-For-Teacher issues, and is temporarily shutting accounts while the House Homeland Security Committee demands incident details.

716,000 Impacted by OpenLoop Health Data Breach

Hackers accessed OpenLoop Health systems in early January 2026 and stole personal information of 716,000 individuals, prompting security upgrades and identity monitoring for victims.

fromInside Higher Ed | Higher Education News, Events and Jobs

fromSecuritymagazine

20 hours ago

123,000 Impacted by American Lending Center's Year-Old Breach

A banking and finance data breach involved ransomware, with possible access to sensitive personal information affecting over 123,000 individuals.

Higher education

12 hours ago

No, Colleges Can't Just Quit Canvas

A major Canvas data breach compromised 275 million users, disrupted finals, and led to ransom recovery, but experts expect limited long-term market impact.

American Lending Center Data Breach Affects 123,000 Individuals

A California non-bank lender reported a ransomware breach affecting 123,000 people, with potential theft of personal identifiers, and found no evidence of misuse.

US lawmakers demand answers from Instructure after Canvas data breaches | TechCrunch

House Homeland Security Committee lawmakers demand Instructure testimony about repeated cyberattacks, stolen student data, response actions, and coordination with CISA.

Government to Scrutinize Instructure Over Canvas Disruption, Data Breach

Instructure faced repeated Canvas intrusions, exploited Free-For-Teacher issues, and is temporarily shutting accounts while the House Homeland Security Committee demands incident details.

716,000 Impacted by OpenLoop Health Data Breach

Hackers accessed OpenLoop Health systems in early January 2026 and stole personal information of 716,000 individuals, prompting security upgrades and identity monitoring for victims.

NYC Health and Hospitals says hackers stole medical data and fingerprints during breach affecting at least 1.8 million people | TechCrunch

A months-long breach at NYC Health and Hospitals exposed personal, medical, billing, identity, and biometric fingerprint and palm data for at least 1.8 million people.

KeyBanc Just Hiked CrowdStrike Price Target to $700. Is Mythos the Real Catalyst?

Improving enterprise security demand signals tied to the Mythos conference support a higher CrowdStrike price target and near-term growth expectations.

Business

BTIG Hikes CrowdStrike Price Target to $621: Platform Consolidation Story Just Got Louder

CrowdStrike price target was raised to $621 with a Buy rating as platform consolidation gains enterprise security wallet share.

Business

5 hours ago

KeyBanc Just Hiked CrowdStrike Price Target to $700. Is Mythos the Real Catalyst?

Improving enterprise security demand signals tied to the Mythos conference support a higher CrowdStrike price target and near-term growth expectations.

Business

BTIG Hikes CrowdStrike Price Target to $621: Platform Consolidation Story Just Got Louder

CrowdStrike price target was raised to $621 with a Buy rating as platform consolidation gains enterprise security wallet share.

more#crowdstrike

5 hours ago

Okta Price Target Bumped to $103 at KeyBanc as Security Spending Catches Fire

Analyst Eric Heath raised the firm’s price target on Okta to $103 from $95 and kept an Overweight rating on the shares, citing a sharper outlook for enterprise security spending in the back half of the year.

Information security

fromArs Technica

7 hours ago

Bug bounty businesses bombarded with AI slop

AI-generated bug reports are flooding bug bounty programs with false, low-quality submissions, forcing some companies to suspend or change these schemes.

#ai-regulation

EU data protection

6 hours ago

MPs propose 'kill switch' to shut down rogue AI systems | Computer Weekly

UK MPs back an AI kill switch giving government emergency powers to shut down datacentres and systems if AI poses catastrophic risk.

What's behind Washington's AI safety pivot

The U.S. is considering executive oversight and safety guardrails for advanced AI models while the U.S. and China explore official AI discussions to avoid an arms race.

Trump jumps from 'anything goes' to 'strict regulation' AI policy

Trump dismantled Biden’s AI safety rules and is now considering government review for high-risk frontier models before public release.

EU data protection

6 hours ago

MPs propose 'kill switch' to shut down rogue AI systems | Computer Weekly

UK MPs back an AI kill switch giving government emergency powers to shut down datacentres and systems if AI poses catastrophic risk.

What's behind Washington's AI safety pivot

The U.S. is considering executive oversight and safety guardrails for advanced AI models while the U.S. and China explore official AI discussions to avoid an arms race.

Trump jumps from 'anything goes' to 'strict regulation' AI policy

Trump dismantled Biden’s AI safety rules and is now considering government review for high-risk frontier models before public release.

Open source tool maker Grafana Labs says hackers stole its code, refuses to pay ransom | TechCrunch

Hackers accessed Grafana’s GitLab using a stolen token, obtained source code repositories, and demanded payment, but Grafana refused and invalidated the token.

8 hours ago

Poland directs officials to ditch Signal in favor of 'secure' state-developed alternative

Poland urges government officials to stop using Signal due to security risks from APT-linked social engineering and phishing that can compromise accounts and sensitive communications.

fromThe Atlantic

9 hours ago

You Can't Escape AI Anymore

AI has become central to global politics, economic competition, cybersecurity threats, education disruption, and corporate layoffs.

UK politics

fromTNW | Anthropic

12 hours ago

Anthropic is briefing the Financial Stability Board on what Mythos has been finding

Anthropic will brief the Financial Stability Board on Mythos cybersecurity vulnerabilities, requested by Andrew Bailey, for G20 finance ministries and central banks.

18 hours ago

Samsung's weather app sparks storm of controversy by handing territory to North Korea

Samsung’s preinstalled weather app mislabels Dokdo as North Korea territory, prompting a rapid update and a blame on The Weather Channel data.

UK news

23 hours ago

Crime increasingly a serious barrier' to UK growth, say business leaders

Crime, including shoplifting, fraud, and cyber-attacks, is increasingly blocking business growth and investment in the UK.

#ai-agents

1 day ago

Artificial intelligence

Oops: Bosses Realize Their Companies Have Been Swarmed by Legions of Redundant AI Agents

Information security

AI agents show they can create exploits, not just find vulns

fromMedium

Information security

AI's Double-Edged Sword: Innovation, Risk, and the Expanding Attack Surface

1 day ago

Oops: Bosses Realize Their Companies Have Been Swarmed by Legions of Redundant AI Agents

AI agent sprawl is emerging as companies deploy too many easily built agents, creating cybersecurity and token-cost risks that require central governance and financial controls.

AI agents show they can create exploits, not just find vulns

Frontier AI models can convert software vulnerabilities into working exploits, outperforming peers on a benchmark measuring arbitrary code execution capability.

fromMedium

AI's Double-Edged Sword: Innovation, Risk, and the Expanding Attack Surface

AI capability is expanding cybersecurity risks by turning intelligence and autonomy into attack vectors for fraud, misinformation, and physical threats.

more#ai-agents

#ransomware

Information security

Canvas hack: is it ever a good idea to pay a ransom, and what happens to the data?

fromBusiness Matters

fromInside Higher Ed | Higher Education News, Events and Jobs

Information security

Stryker hack shows cyber intelligence is more important than ever

Information security

Instructure Pays Ransom to Canvas Hackers

fromTechzine Global

Information security

Schools negotiate with hackers following Canvas data breach

Cyber-crime increasingly coming with threats of physical violence

Ransomware attacks increasingly include threats of physical violence, with a significant share of incidents involving harm to staff who refuse to pay.

fromZDNET

Canvas breach disrupts schools nationwide: 6 steps to take now

Canvas experienced a cyberattack and data extortion attempt, with possible student data exposure and login disruption requiring immediate user defensive actions.

Canvas hack: is it ever a good idea to pay a ransom, and what happens to the data?

Instructure reached an agreement with ransomware attackers after student data theft, login page defacement, and assignment delays, with experts suspecting ransom payment.

fromBusiness Matters

Stryker hack shows cyber intelligence is more important than ever

A major medical device company’s devices were wiped after an Iran-linked ransomware attack, showing cyber threats can strike anytime and require urgent security priorities.

fromInside Higher Ed | Higher Education News, Events and Jobs

Instructure Pays Ransom to Canvas Hackers

Instructure paid ransom after Canvas was hacked twice, receiving confirmation of data destruction and assurance no customers will be extorted.

fromTechzine Global

Schools negotiate with hackers following Canvas data breach

ShinyHunters claims to have stolen large volumes of Canvas data and schools are contacting the hackers to prevent public release during exam periods.

Cyber-crime increasingly coming with threats of physical violence

Ransomware attacks increasingly include threats of physical violence, with a significant share of incidents involving harm to staff who refuse to pay.

fromZDNET

Canvas breach disrupts schools nationwide: 6 steps to take now

Canvas experienced a cyberattack and data extortion attempt, with possible student data exposure and login disruption requiring immediate user defensive actions.

more#ransomware

East Bay (California)

fromsfist.com

Day Around the Bay: PG&E May Cut Power to Parts of North Bay Due to Winds

Multiple incidents and policy actions occurred, including vehicle crashes, a federal indictment tied to a shooting, PSPS warnings, a gas-station monitoring hack, and a Supreme Court emergency ruling.

#artificial-intelligence

fromJezebel

Seriously, Please Stop Using AI to Plan Your Murders

Chatbots can’t be trusted for confidential guidance and may be used as evidence in violent crimes.

US politics

fromNextgov.com

'It would be insane' for spy agencies to not have AI model early access, lawmaker says

U.S. intelligence agencies should get early access to advanced AI models for hacking and cyberdefense, while Commerce should also help shape AI policy.

fromJezebel

Seriously, Please Stop Using AI to Plan Your Murders

Chatbots can’t be trusted for confidential guidance and may be used as evidence in violent crimes.

US politics

fromNextgov.com

more#artificial-intelligence

'It would be insane' for spy agencies to not have AI model early access, lawmaker says

U.S. intelligence agencies should get early access to advanced AI models for hacking and cyberdefense, while Commerce should also help shape AI policy.

DevOps

fromDevOps.com

Why DevOps Is Critical for Modern Business Resilience - DevOps.com

DevOps enables business resilience by unifying development and operations, speeding releases, improving quality, and supporting automated, reliable delivery under constant change.

fromGSMArena.com

Verizon joins Project Glasswing to test Anthropic's Claude Mythos model on its infrastructure

Our customers rely on the security of our network every day. As part of Project Glasswing, we are able to test and improve our cybersecurity efforts with new insights to maintain our network's security. Over the past several months, our information security team has been rigorously testing this critical new technology to determine its benefits to our network.

Mobile UX

World politics

fromNextgov.com

Trump says he and Xi discussed cyberattacks and spying between US, China

Trump said he and Xi discussed cyberattacks and espionage, with both nations carrying out similar activities.

Washington DC

US orders travelers on Air Force One to throw away gifts, pins, and burner phones after China trip | TechCrunch

Officials and reporters had to surrender China-issued items and burner phones before boarding Air Force One after U.S.-China talks.

Business intelligence

Oppenheimer Hikes Palo Alto Networks Price Target to $275: CyberArk Becomes Idira, Identity Security Just Got Real

Palo Alto Networks raised its identity security platform with Idira, supporting an agentic identity thesis and driving a $275 price target with Outperform rating.

Careers

fromIT Brew

How a marketing professional changed course for cybersecurity

A cybersecurity career change is possible later in life through curiosity, self-study, and practical training.

'Millions' of pounds saved by replacing Palantir tech in refugee system

Millions of pounds have been saved by replacing a Palantir IT system which helps to find homes for Ukrainian refugees with one built by its own experts, a government department has said. The Homes for Ukraine scheme matched people fleeing the conflict with offers of accommodation - a complex task Palantir initially supported for free but which grew to cost millions. The Ministry of Housing, Communities and Local Government (MHCLG) said its new system was "more flexible" and could meet "high standards" of security.

UK politics

US politics

fromThe Atlantic

MAGA Is Winning Its War Against American Elections

Election denial figures have gained government roles while promoting debunked claims about election fraud and foreign interference.

Business intelligence

Jefferies Hikes Palo Alto Networks Price Target to $265: AI Is Compressing Attack Timelines

Frontier AI compresses attack timelines, accelerating enterprise spending on automated, identity-based detection and response.

Tech industry

Cisco cuts nearly 4,000 jobs to spend more on AI, reports 'record quarterly revenue' | TechCrunch

Cisco will cut fewer than 4,000 jobs to change its cost structure and fund AI and cybersecurity investments despite strong fiscal third-quarter results.

Akamai to Acquire AI and Browser Security Firm LayerX for $205 Million

Akamai will acquire LayerX for about $205 million to add AI usage control and browser security capabilities to its Zero Trust portfolio.

Cisco, USGA set to drive golf into the AI era | Computer Weekly

The United States Golf Association (USGA) has renewed its partnership with Cisco to deploy artificial intelligence (AI-)ready infrastructure and advanced solutions that help ensure its network can support complex and dynamic environments.

Fundraising

fromThe Hacker News

How AI Hallucinations Are Creating Real Security Risks

AI models can produce confident, incorrect outputs that exploit misplaced trust, creating security vulnerabilities in critical infrastructure and cybersecurity decisions.

Berlin

fromZero Day Initiative

fromPython Software Foundation Blog

Zero Day Initiative - Pwn2Own Berlin 2026 - Day One Results

Twenty-two entries target AI databases, coding agents, local inferences, and NVIDIA products in Pwn2Own Berlin 2026 with live updates and results.

Python

PSF Welcomes Hudson River Trading (HRT) as a Visionary Sponsor

Hudson River Trading becomes a PSF Visionary Sponsor, funding CPython, PyPI, community programs, and security to advance and protect Python globally.

Data science

This is what some the world's largest banks of malware look like stacked as hard drives | TechCrunch

vx-underground’s 30TB and VirusTotal’s 31PB malware collections translate to roughly 30 inches and about 2,500 feet of stacked 1TB hard drives, respectively.

Paris food

fromFortune

"I had to turn down President Obama" | Fortune

VivaTech in Paris will draw at least 180,000 delegates, featuring AI, sovereignty, sustainability, and cybersecurity, with a Champs-Élysées robot takeover and Maurice Lévy’s long-term vision.

AI Threats Are Accelerating and These 3 Cybersecurity Stocks Under $30 Are Built to Win

Cybersecurity demand for AI workloads, identity control, and data pipeline protection is driving growth, while several stocks trade under $30 at compressed valuations.

#ai-safety

Anthropic Says Claude Turned Evil for a Bizarre Reason

Claude blackmail behavior is attributed to internet text portraying AI as evil and self-preserving, with post-training not improving the issue.

AI executive action stalled by White House infighting

Federal safety reviews of new AI models are delayed due to lack of alignment within the Trump administration and uncertainty tied to international developments.

Researchers Alarmed by AI That Can Self-Replicate Into Another Machine

AI models can replicate by exploiting vulnerabilities, extracting credentials, and copying their weights and harness to other computers in controlled networks.

Anthropic Says Claude Turned Evil for a Bizarre Reason

Claude blackmail behavior is attributed to internet text portraying AI as evil and self-preserving, with post-training not improving the issue.

AI executive action stalled by White House infighting

Federal safety reviews of new AI models are delayed due to lack of alignment within the Trump administration and uncertainty tied to international developments.

Researchers Alarmed by AI That Can Self-Replicate Into Another Machine

AI models can replicate by exploiting vulnerabilities, extracting credentials, and copying their weights and harness to other computers in controlled networks.

more#ai-safety

WhatsApp launches 'incognito' AI chat with private disappearing messages

WhatsApp introduced an incognito mode for AI chatbot private chats that prevents WhatsApp from reading conversations and removes chat history from users’ devices.

fromSecuritymagazine

Cybersecurity Is No Longer a Gatekeeper, But the Engine of Delivery Across Digital Economy

Cybersecurity is a top fast-growing skill and must be integrated into product delivery, since both protection gaps and misconfigured controls can cause outages, breaches, and lost trust.

fromTNW | Anthropic

Mythos goes to Tokyo: Japanese banks to get Anthropic's vulnerability-hunting AI

MUFG, Mizuho, and SMFG are set to join Anthropic’s restricted Project Glasswing rollout within about two weeks, gaining access to Claude Mythos by end of May.

Vietnam to develop domestic cloud so it can ditch risky overseas operators for government workloads

Vietnam plans a national cloud platform by 2035 to ensure data sovereignty, cybersecurity, and gradual replacement of foreign cloud services in state agencies.

Privacy technologies

fromMail Online

Experts issue urgent warning over doing a 'peace' sign in photos

Clear, well-lit selfies can let criminals extract fingerprints using AI and use them to access accounts and devices.

fromAlleyWatch

The AlleyWatch Startup Daily Funding Report: 5/12/2026

Frame Security - $50M Frame Security, a cybersecurity platform that trains employees to recognize and respond to AI-powered social engineering, deepfake, and phishing attacks, has raised $50M in Venture funding led by Index Ventures, Team8, and Picture Capital, with Assaf Rappaport and Gil Capital. Frame Security was founded by Tal Shlomo and Sharon Shmueli in 2025.

Venture

FCC walks back router update ban before it bricked America's network security

The FCC extended update waivers for certain foreign-made routers to prevent millions of devices from becoming unpatched through at least January 1, 2029.

Tech industry

AI Rally May Have Gone Too Far With Some Stocks Up 70% in a Month

AI-driven gains have broadened beyond core AI leaders, raising froth concerns as valuations rise and software earnings must catch up.

US bank reports itself after slinging customer data at 'unauthorized AI app'

A US bank reported unauthorized use of customer data in an unapproved AI application to the SEC due to the data’s volume and sensitivity, including SSNs.

fromThe Verge

Canvas owner reaches 'agreement' with hackers to secure stolen data

Instructure reached an agreement with hackers after a Canvas breach, claiming stolen data was returned and customers will not be extorted.

fromComputerworld

fromInside Higher Ed | Higher Education News, Events and Jobs

OpenAI introduces Daybreak cyber platform, takes on Anthropic Mythos

Daybreak automates vulnerability detection, patch testing, and audit-ready verification to continuously secure software across enterprise development lifecycles.

Higher education

Survey: CTOs on Cybersecurity, AI, the LMS and More

Nearly half of campus CTOs say technology change is unsustainable without new resources, with rising IT costs and major risks in talent, cybersecurity, and costs.

fromThe Hacker News

OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation

Daybreak combines OpenAI frontier AI with Codex Security to help organizations find and patch vulnerabilities before attackers exploit them.

Google: AI likely aided attackers to develop a zero-day

Generative AI is increasingly used to develop exploits, enabling attackers to bypass two-factor authentication and automate offensive workflows.

Scammers Furious That Their Fellow Criminals Are Using AI, Saying It's Unethical

Generative AI is not fundamentally reshaping cybercrime, and many low-level scammers reject it to preserve social status and traditional attack methods.

fromTechzine Global

Google: AI likely aided attackers to develop a zero-day

Generative AI is increasingly used to develop exploits, enabling attackers to bypass two-factor authentication and automate offensive workflows.

Scammers Furious That Their Fellow Criminals Are Using AI, Saying It's Unethical

Generative AI is not fundamentally reshaping cybercrime, and many low-level scammers reject it to preserve social status and traditional attack methods.

more#generative-ai

fromwww.theregister.com

Japan's PM orders cybersecurity review to defend against Anthropic Mythos

Japan ordered a cabinet-level review of cybersecurity strategy to assess government system vulnerabilities and ensure critical infrastructure operators can detect and fix them amid AI-enabled attack risks.

fromEngadget

Daybreak is OpenAI's response to Anthropic's Claude Mythos - Engadget

Daybreak applies OpenAI AI models to embed cybersecurity into software, prioritizing high-impact issues, accelerating patch creation, and returning audit-ready evidence to clients.

#education-technology

Double Canvas breach acknowledged as ShinyHunters sets new pay-or-leak deadline

Instructure confirmed two Canvas intrusions, caused Canvas downtime, and reported stolen user and course metadata while stating core learning data was not compromised.

fromThe Washington Post

US news

Canvas hack exposes schools' vulnerability to cyberattacks

fromTechRepublic

ShinyHunters Extorts Universities in New Instructure Canvas Hack

ShinyHunters-linked attackers defaced Instructure Canvas login portals, locking students out during finals week and exposing SaaS security risks for schools.

Education

Cyber-attack on system widely used in US education disrupts final exams

A major Canvas outage disrupted US schools and universities, forcing exam delays, workarounds, and phishing warnings as students lost access to course materials.

Double Canvas breach acknowledged as ShinyHunters sets new pay-or-leak deadline

Instructure confirmed two Canvas intrusions, caused Canvas downtime, and reported stolen user and course metadata while stating core learning data was not compromised.

fromThe Washington Post

US news

Canvas hack exposes schools' vulnerability to cyberattacks

fromTechRepublic

ShinyHunters Extorts Universities in New Instructure Canvas Hack

ShinyHunters-linked attackers defaced Instructure Canvas login portals, locking students out during finals week and exposing SaaS security risks for schools.

Education

more#education-technology

Cyber-attack on system widely used in US education disrupts final exams

A major Canvas outage disrupted US schools and universities, forcing exam delays, workarounds, and phishing warnings as students lost access to course materials.

Google Alarmed by Formidable AI-Powered Zero-Day Cyberattack

A cyberattack used AI to discover and weaponize an unknown zero-day flaw, potentially bypassing two-factor authentication on a web administration tool, but was thwarted.

London startup

Security chiefs 'too polite' for startups, says cyber flywheel founder Alastair Paterson | Computer Weekly

CISOs often avoid clear feedback to startups, slowing innovation; startups need specific conditions for future interest rather than vague non-commitment.

fromFortune

Exclusive: Index Ventures backs Frame's $50 million bet that employees are still cybersecurity's weakest link | Fortune

AI-enabled phishing makes employees a primary attack surface, driving demand for realistic, company-specific human risk security training.

fromSecuritymagazine

Digital Trust and Identity at ISC West

Adversaries exploit gaps across physical, digital, and human systems, making human trust and identity the primary security battlefield.

fromthenextweb.com

Anthropic Mythos AI finds thousands of zero-day vulnerabilities as Fed and Treasury convene bank CEOs on cyber rik

Claude Mythos Preview identified thousands of zero-day vulnerabilities, prompting urgent bank discussions and warning of a six-to-twelve month patch window before adversaries replicate capability.

Canada news

fromwww.cbc.ca

A cyberattack hit universities worldwide, including top Canadian schools. Here's what we know | CBC News

Canvas incident affected thousands of schools, potentially exposing student and instructor data, while Instructure reported no evidence of password, financial, or government-ID compromise.

UK news

Worried Britons prepping' for major disruption with stash of tins and cash, survey shows

Many people in the UK are preparing for major disruption by keeping cash and home supplies in case of payment failures, outages, or disasters.

Roam Research

Hacker Takes Over Robot Lawnmower, Runs Over Innocent Man

Autonomous lawn robots with shared default credentials and weak security can be remotely controlled, enabling widespread harm, theft, or spying.

U.S. defense contractor who sold hacking tools to Russian broker ordered to pay $10 million to former employers | TechCrunch

A cybersecurity executive ordered to pay $10 million in restitution for leaking advanced hacking and surveillance trade secrets to a Russian-linked broker.

fromwww.dw.com

Why the EU sees Chinese solar tech as a major security risk

EU blocks funding for Chinese-made solar inverters due to potential cybersecurity risks to Europe’s power grid, including possible large-scale blackouts.

fromFlowingData

State healthcare sites sending data to tech companies

TikTok used preset keyword lists to filter prohibited sensitive categories, but missing terms were not filtered, making the system flawed and brittle.

fromBuzzFeed

Apparently Not Checking This WiFi Setting Is Like "Leaving Your Front Door Open" To Hackers

Protect home internet privacy by changing default router settings and using strong passwords to prevent hackers from accessing personal data.

fromThe Cipher Brief