18-year-old NGINX vulnerability allows DoS, potential RCE

An 18-year-old flaw in the NGINX open-source web server, discovered using an autonomous scanning system, can be exploited for ...
The Hacker News

18-Year-Old NGINX Rewrite Module Flaw Enables Unauthenticated RCE

NGINX Rift CVE-2026-42945 scores 9.2 after 18 years, enabling unauthenticated RCE or DoS via crafted HTTP requests.

The Canvas Hack Shows Ransomware Isn’t Going Anywhere

The Canvas ransomware attack highlights that threat actors will target digital platforms to gain access to downstream systems ...
CNET

Canvas Hack Aftermath: Congress Wants Instructure to Answer Questions

A hacker group stole data from more than 9,000 schools using an exploit in Instructure's service. Now the House Homeland ...

Google Says Hackers Used AI to Build Zero-Day Exploit

Google says hackers used AI to help build a zero-day exploit targeting 2FA, raising concerns about AI-assisted hacking.

Deal reached with hackers to delete data stolen from the Canvas educational platform

Instructure, the company behind the online learning system Canvas, has reached a deal with hackers to delete data stolen in a ...

Instructure strikes deal with hackers who breached it twice

The maker of the Canvas school software said it "reached an agreement" with the hackers, but provided no guarantees that the ...

Data stolen in Canvas hack that hit thousands of schools has been returned, company says

Data stolen in a cyberattack that shut down an education platform used by universities and K-12 schools across the US last week has been returned to the platform’s parent company, Instructure, ...