All articles tagged with #cyberattack
A cyberattack attributed to the ShinyHunters disrupted the Canvas platform across US and Canadian campuses, affecting Penn State, UBC, the University of Toronto, UCLA and the University of Chicago, causing exam disruptions as ransom-like warnings circulated and Instructure worked to restore service.
A cyberattack on Instructure's Canvas learning-management system knocked the platform offline for thousands of schools and universities across the U.S., with the ShinyHunters group claiming responsibility and threatening data leaks; exams and finals were canceled at several campuses as the outage persisted, but Canvas gradually returned for most users by nightfall and investigations continued.
Germany says Russia ran a global phishing campaign targeting Signal and WhatsApp that affected hundreds of accounts, including German officials; Der Spiegel cites undisclosed government sources and says at least 300 Signal accounts were impacted, with access to chats and verification codes. Dutch, U.S. and German intelligence have linked Russian actors to the operation, while Signal acknowledged targeted phishing and Moscow denies involvement.
UK's AI Security Institute finds Anthropic's Mythos Preview can autonomously chain a 32-step data-exfiltration attack in a simulated corporate network, outperforming prior models in the Last Ones test, while still failing tougher seven-step scenarios and real-world defense conditions—highlighting AI's potential to both threaten and strengthen cybersecurity.
A hacker group named ShinyHunters claims to have breached Rockstar Games’ systems via a third‑party data exposure and threatens to leak stolen data unless paid, with a deadline of 14 April 2026; Rockstar says only a limited amount of non-material information was accessed and there is no impact on players. The incident marks Rockstar’s second breach in three years and comes as GTA VI development remains costly and tightly controlled.
Autonomous AI agents capable of thinking, acting, and adapting without human intervention are being described as a hacker’s dream, potentially enabling scalable, relentless cyberattacks on corporate and government systems. Fortune highlights Anthropic’s Mythos as far ahead in cyber capabilities, signaling a new wave of AI-driven exploitation, while ‘shadow AI’ risks grow as employees run agents remotely. A Dark Reading poll shows nearly half of cybersecurity professionals view agentic AI as the top attack vector for 2026, underscoring the urgent need for safe, controlled AI environments and heightened organizational awareness.
Pro‑Iranian group Handala published more than 300 emails and photos from Kash Patel’s personal Gmail, mostly dating from 2010–2012 with some items from 2022, claiming retaliation after FBI/DOJ actions against Iranian hacking operations. NBC News could not verify all emails; the material includes Patel’s family correspondence and a Cuba trip, with metadata indicating the breach predates his government work. The FBI says the information is historical and contains no government information. The incident occurs amid broader Iranian cyber activity targeting U.S. figures, with the State Department offering up to $10 million for information on Iranian hackers.
A March 2026 Stryker cyberattack allegedly used Microsoft Intune to remotely wipe thousands of devices, with Iran-linked Handala claiming credit and up to 50 terabytes of data stolen. Researchers say the attack leveraged living-off-the-land techniques rather than a flaw in Intune, highlighting how MDM/UEM platforms can be abused. MFA and multi-account approvals for destructive actions are advised as Stryker works with forensic experts and the CISA investigates the incident.
Last week’s Stryker cyberattack, linked to the Handala hacktivist group, targeted its internal Microsoft environment and used the Intune wipe command to remotely erase data on about 80,000 devices after an admin account was compromised; attackers claimed wiping 200,000 devices and stealing 50 TB, but investigators found no data exfiltration and no malware was deployed. Medical devices remain safe, while electronic ordering systems are offline and orders must be placed via sales reps as restoration proceeds. Microsoft’s DART and Unit 42 are leading the investigation, with full operations and shipping expected to resume as systems recover.
Stryker disclosed a global cyberattack that disrupted its Microsoft environment and wiped devices via Intune, affecting about 5,500 employees across several regions; while restoration efforts are ongoing, the full timeline and potential financial impact remain unclear, with security researchers pointing to Handala/IRGC-linked APT34 activity though Microsoft has not commented.
An Iran-linked hacktivist group, Handala, claims it hacked U.S. medical-device maker Stryker in retaliation for the Minab school bombing, saying it caused global disruption to Microsoft-based systems; Stryker says there is no ransomware evidence and the incident is contained, with a full restoration timeline unclear. Analysts warn more cyber actions may follow as Middle East tensions spill into the cyber realm.
An Iran-linked cyberattack disrupted Stryker’s global networks, taking devices offline and bringing operations to a standstill across Europe, Asia, and the US; Handala claims to have exfiltrated 50 TB of data and wiped over 200,000 devices, though Stryker says there is no malware or ransomware and the full impact and restoration timeline remain uncertain.
Iran-backed Handala claimed responsibility for a global cyberattack on U.S. medical-technology company Stryker, crippling its Microsoft environment, wiping data on many computers, and forcing offices to close; Stryker says there is no ransomware and is assessing the impact as Handala frames the strike as retaliation for an Iranian school bombing.
Iran-connected group Handala disrupted Stryker’s global networks and claimed to have stolen about 50 terabytes of data in retaliation for US-Israeli strikes on Iran. Stryker reported a global Microsoft environment disruption with no evidence of ransomware and said the incident is under investigation; Handala also claimed an attack on Verifone amid broader tensions and threats against Western targets.
An Iranian prayer-time app was hacked to display anti-regime messages urging defections, as protests widen and Iran faces a widespread internet blackout. The attacker remains unknown, but the incident coincides with cyberattacks on state outlets and heavy repression of demonstrations, with Netblocks noting internet access dropped to about 4%.