University of Toronto among Canadian schools targeted in widespread cyberattack on Canvas system

The University of Toronto, the University of British Columbia and the University of Alberta are among the largest Canadian schools affected by a hack that potentially touched more than 8,000 ...
eWeek

Vibe Coding Cheat Sheet: Tools, Prompts, Security Tips, and More

This vibe coding cheat sheet explains how plain-language prompts can build apps fast, plus the planning, testing, and ...

The Canvas Hack Is a New Kind of Ransomware Debacle

Thousands of schools around the US were paralyzed on Thursday after education tech firm Instructure shut down access to its ...

What we know about the Canvas hack that has impacted thousands of schools

Students attempting to access grades, study materials and quizzes were met instead with a message from a hacking group on ...
SecurityWeek

Claude Code OAuth Tokens Can Be Stolen Through Stealthy MCP Hijacking

Claude Code vulnerability allows attackers to intercept OAuth tokens, enabling access to connected SaaS platforms and ...
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...
HealthcareInfoSecurity

Socket Buys Secure Annex to Expand Supply-Chain Visibility

Socket’s acquisition of Secure Annex extends software supply-chain security beyond open-source dependencies into browser and ...
Nation

How Kenyan girls are shaping the future of ICT

The 21-year-old is the Country Lead for Girls in Robotics Kenya Chapter and co-founder of Space Shift, mentorship roles she has taken on with one goal: equipping young learners with the cyber-security ...

Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it

A prompt injection attack hit Claude Code, Gemini CLI, and Copilot simultaneously. Here's what all three system cards reveal — and don't — about agent runtime protection.
Bleeping Computer

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. The tool is highly ...
WMUR

College student who hacked PowerSchool software says he's grateful he was caught

THE HACKERS MIND AND THE CHAOS HE CREATED. THE FBI CALLS THIS ONE OF THE WORST HACKS THAT THEY’VE SEEN, AND THE HACKER, A 20 YEAR OLD COLLEGE STUDENT, SAYS HE KNEW HE WAS ADDICTED TO WHAT HE WAS DOING ...
Inc

They Shared Coffee and Code—Then Stole $285 Million in a North Korea–Linked Crypto Hack

One of the largest cryptocurrency trading platforms revealed last week that an attack led to the theft of $285 million with user’s funds being affected. They allege that this is the result of a months ...