Canvas breach uses XSS to deface portals and pressure ransom campaigns

TL;DR Summary
Instructure confirmed attackers exploited multiple cross-site scripting flaws in the Canvas Free-for-Teacher environment to hijack authenticated admin sessions, deface login portals, and trigger a ransom demand by ShinyHunters. The initial breach exposed data from about 8,809 educational organizations, with ShinyHunters claiming as many as 275 million records stolen; the defacement itself did not involve direct data loss, and Canvas has since been restored after a temporary shutdown.
- Instructure confirms hackers used Canvas flaw to deface portals (BleepingComputer)
- Canvas global service disruption update (UT San Antonio Today)
- School app Canvas breach hits during finals (Fox News)
- Millions of students’ personal data stolen in major education breach (Malwarebytes)
- “PAY OR LEAK”: Hackers Target Big Higher Ed Vendor (Inside Higher Ed)