The cybersecurity landscape is evolving rapidly with new threats emerging daily. This report delves into the latest incidents, breaches, and trends, highlighting the critical need for robust defenses against phishing, AI-driven attacks, and supply chain vulnerabilities.
Education Sector Under Siege: Massive Data Breach at Instructure Canvas LMS
The education sector faced a significant breach when the ShinyHunters ransomware group targeted Instructure, the company behind the Canvas LMS, stealing 275 million records affecting thousands of institutions worldwide. The breach exposed sensitive communications, raising risks of phishing and identity theft. Instructure’s response included shutting down Canvas Data 2 and Canvas Beta, disrupting third-party integrations. Read more.
Education Sector Under Siege: Massive Data Breach at Instructure Canvas LMS
The education sector faced a significant breach when the ShinyHunters ransomware group targeted Instructure, the company behind the Canvas LMS, stealing 275 million records affecting thousands of institutions worldwide. The breach exposed sensitive communications, raising risks of phishing and identity theft. Instructure’s response included shutting down Canvas Data 2 and Canvas Beta, disrupting third-party integrations. Read more.
AI in Cybersecurity: A Double-Edged Sword
AI is increasingly involved in cybersecurity breaches, with 83% of breaches in the past year involving AI, according to a Gigamon survey. AI is embedded in nearly every stage of the attack chain, enabling adversaries to outpace detection. The survey highlights the need for defensive AI automation and visibility gaps, with 86% of CISOs considering metadata essential for hybrid cloud security. Read more.
The Gigamon survey revealed several key trends:
- AI is involved in 83% of breaches, with 65% of organizations experiencing at least one breach—an 18% annual increase. AI-driven attacks include external AI-enabled attacks (41%), direct attacks on large language models (33%), and internal leaks/unsanctioned AI use (30%).
- AI automation is crucial for security functions, with 94% of respondents using AI for alert triage (53%) as the top use case.
- Visibility gaps are a concern, with 86% of CISOs considering metadata essential for hybrid cloud security, yet 87% fear ‘harvest now, decrypt later’ attacks.
- There is a shift towards private data lakes for AI workloads over public clouds due to security concerns.
The survey underscores the importance of defensive AI automation and the need to address visibility gaps in hybrid cloud environments. Organizations must prioritize data-in-motion visibility and metadata pipelines to enhance their security posture.
Social Engineering and Scams: Evolving Tactics
AI tools are making phishing scams more personalized and convincing. Scammers use AI to mimic voices, generate hyper-realistic emails, and automate spear-phishing using stolen data. The Federal Trade Commission (FTC) reports that these scams are harder to detect. Social media scams cost Americans $2.1 billion in 2025, with Facebook being the top platform for scams, followed by WhatsApp and Instagram. Investment and romance scams were the costliest. The FTC recommends limiting post visibility to trusted contacts and verifying ads/deals by checking the company’s official website.
Final words
The cybersecurity landscape is becoming increasingly complex, with AI-driven attacks, supply chain vulnerabilities, and sophisticated phishing scams posing significant threats. Organizations and individuals must adopt proactive defense strategies, prioritize AI-driven threat detection, and ensure transparency in breach disclosures. Regulatory bodies must act swiftly to enforce penalties and prevent fraudulent cover-ups. Learn more about recent incidents.