09 Jul, 2026

Instructure confirms hackers used Canvas flaw to deface portals

Education technology giant Instructure has confirmed that a security vulnerability allowed hackers to modify Canvas login portals and leave an extortion message. GeekFeed has learned that both the breach and defacements involved multiple cross-site scripting (XSS) vulnerabilities that enabled the attacker to obtain authenticated admin sessions. The second hack was to draw attention and to pressure […]

2 mins read

Canvas login portals hacked in mass ShinyHunters extortion campaign

The ShinyHunters extortion gang has breached education technology giant Instructure again, this time exploiting a vulnerability to deface Canvas login portals for hundreds of colleges and universities. The defacements, which were visible for roughly 30 minutes before being taken offline, displayed a message from ShinyHunters claiming responsibility for the earlier Instructure breach and threatening to […]

4 mins read

Seiko USA website defaced as hacker claims customer data theft

The Seiko USA website was defaced over the weekend, displaying a message from attackers claiming they stole its Shopify customer database and threatening to leak it unless a ransom is paid. Visitors to the “Press Lounge” section of the site were shown a page titled “HACKED,” which replaced normal content with what appeared to be a […]

1 min read

UK sentences “serial hacker” of 3,000 sites to 20 months in prison

A 26-year old in the UK who claimed to have hacked thousands of websites was sentenced to 20 months in prison after pleading guilty earlier this year. Al-Tahery Al-Mashriky of Rotherham, UK, was arrested in 2022 based on information received from U.S. law enforcement and charged for stealing log in details of millions of Facebook users, and […]

2 mins read

LockBit ransomware gang hacked, victim negotiations exposed

The LockBit ransomware gang has suffered a data breach after its dark web affiliate panels were defaced and replaced with a message linking to a MySQL database dump. All of the ransomware gang’s admin panels now state. “Don’t do crime CRIME IS BAD xoxo from Prague,” with a link to download a “paneldb_dump.zip.” As first spotted by the threat […]

2 mins read

Everest ransomware’s dark web leak site defaced, now offline

The dark web leak site of the Everest ransomware gang has apparently been hacked over the weekend by an unknown attacker and is now offline. The unknown attacker replaced the website’s contents with the following sarcastic message: “Don’t do crime CRIME IS BAD xoxo from Prague.” The Everest operation has since taken down its leak […]

2 mins read