A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. The campaign was ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based ...

Drupal is warning that hackers are attempting to exploit a "highly critical" SQL injection vulnerability announced earlier this week. The content management system (CMS) project published a PSA on May ...

Data stolen in a cyberattack that shut down an education platform used by universities and K-12 schools across the US last week has been returned to the platform’s parent company, Instructure, ...

Cybercriminals created a zero-day exploit with AI, the first example of artificial intelligence finding and hacking software for an illicit enterprise, the tech giant says in a new report. Over the ...

Students have struggled with Canvas downtime due to a data breach during school finals. Credit: Piotr Swat/SOPA Images/LightRocket via Getty Images The hacking collective ShinyHunters says it ...

Millions of students in universities and K-12 districts had their data compromised this week as a hack took down Canvas, a classroom management tool used all over the country. Millions of students in ...

See more of our trusted coverage when you search. Prefer Newsweek on Google to see more of our trusted coverage when you search. A nationwide cyberattack affecting a widely used learning platform ...

Most users regained access to the platform hours after a hacking group said it had attacked Canvas’s parent company and breached 275 million people’s data. By Hannah Ziegler Canvas, a platform used by ...

Canvas, one of the most widely used education apps, said it had restored services after pulling the plug in the middle of finals week at many colleges to deal with a cybersecurity incident. From ...

On May 3, cybercrime group ShinyHunters claimed responsibility for breaching Instructure — the parent company of Canvas — reportedly compromising the data of hundreds of millions of users, including ...

Add Yahoo as a preferred source to see more of our stories on Google. Investigators say Matthew Lane, a teenage hacker, used stolen credentials to gain access to PowerSchool. What to know about a rare ...