The Hacker News

Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike

Ghostwriter’s March 2026 Ukraine attacks use PDF lures and geofencing to deploy Cobalt Strike on government targets.

Instructure reaches 'agreement' with ShinyHunters to stop data leak

Instructure, the edtech giant behind the widely popular Canvas learning management system (LMS), has reached an "agreement" ...
CSO Online

FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses

Researchers say the campaign uses a browser-based JavaScript VM to hide credential theft and intercept MFA at scale.
The Hacker News

cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

CVE-2026-41940 exploitation by 2,000 IPs enabled Filemanager backdoor attacks, causing credential theft and persistent access ...

Instructure confirms hackers used Canvas flaw to deface portals

Education technology giant Instructure has confirmed that a security vulnerability allowed hackers to modify Canvas login ...
Security Boulevard

Reducing Authentication Errors in Enterprise Environments: A Human-Centric Approach

Learn how a human-centric approach can reduce authentication errors in enterprise environments while improving security and ...

BrowserAct Open-Sources Two AI-Agent Skills, Giving Agents the Power to Use the Real Web

Then imagine it replying: "Sorry, the website won't let me in." That's the quiet failure mode behind most AI agents today.

Congress investigates Canvas breach as company pays ransom

The US Congress has summoned education tech firm Instructure's CEO Steve Daly to the Hill to explain how digital thieves ...
Chicago Maroon

In His Last College Quarter, Ben Heim Is Building an AI Project Every Week

With the help of Claude Code, fourth-year Ben Heim is showing how generative artificial intelligence can be used for ...
Cryptopolitan on MSN

TCLBANKER trojan spreads through victims' own messaging accounts

Security researchers found TCLBANKER, a Brazilian banking trojan that hijacks WhatsApp and Outlook accounts to spread crypto ...

How controversial VAR calls have defined two title battles

England and Scotland have experienced two highly controversial VAR decisions in a matter of days which could help to decide ...