US govt seeks Instructure testimony on massive Canvas cyberattack

📅 12 May 2026 at 23:09 UTC📰 Bleeping ComputerView original source ↗

The U.S. House Committee on Homeland Security is calling on Instructure executives to testify about two cyberattacks by the ShinyHunters extortion group that targeted the company's Canvas platform, allowing threat actors to steal student data and disrupt schools during final exams. [...]

🤖 AI BriefingAuto-generated threat analysis

🔍Threat Overview

The US government is investigating a massive Canvas cyberattack by the ShinyHunters extortion group, which compromised Instructure's systems and stole student data, disrupting schools during final exams.

⚙️Technical Details

Affected Systems

Instructure's Canvas learning management platform

Attack Vectors

multiple cross-site scripting (XSS) vulnerabilities

💥Impact Assessment

Severity: high

🛡️Recommended Actions

1Implement regular security audits to identify and patch vulnerabilities

2Use multi-factor authentication to protect admin sessions

3Monitor login portal pages for suspicious activity

📦Affected Products

Instructure's Canvas learning management platform

Read the full article

This is a curated summary. The complete article is available at Bleeping Computer.

Read on Bleeping Computer ↗

← Back to feed