Hackers exploit Roundcube flaw to spy on academic researchers
A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal credentials and deploy backdoor malware. [...]
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal credentials and deploy backdoor malware. [...]
A China-linked espionage group hid inside North American medical, academic, and military research networks for more than a year, quietly stealing sensitive research and defense email
Program Focuses on AI Governance, Safety, Privacy, Bias and TransparencyAccreditation organization Joint Commission is rolling out a voluntary program for certifying the "responsible" deployment and use of artificial intelligence technologies by U.S. healthcare provider organizations, including governance, safeguards, monitoring processes and education.
The U.S. House Committee on Homeland Security is calling on Instructure executives to testify about two cyberattacks by the ShinyHunters extortion group that targeted the company's Canvas platform, allowing threat actors to steal student data and disrupt schools during final exams. [...]
American educational technology company Instructure, the parent company of Canvas, said it reached an "agreement" with a decentralized cybercrime extortion group after it breached its network and threatened to leak stolen information from thousands of schools and universities
An ongoing data extortion attack targeting the widely-used education technology platform Canvas disrupted classes and coursework at school districts and universities across the United States today, after a cybercrime group defaced the service's login page with a ransom demand that threatened to leak data from 275 million students and faculty across nearly 9,000 educational institutions.
CFOs Should Know: Lackadaisical Security Carries a PriceBad cybersecurity is bad for business. A badly secured business may pay as much as ten extra basis points for a loan than if its posture had been up to scratch, find academic studies examining how U.S. banks price debt. The bill for poor cybersecurity could run hundreds of thousands of dollars.
Also, Medusa Ransomware, Grafana Flaw, German Political Party BreachThis week, German police unmasked a REvil leader, a critical Docker flaw, Medusa ransomware surged, DPRK hackers abused GitHub, Grafana AI bugs enabled data theft, scams hit $20B in the United States, Ivanti exploited and attacks hit Northern Ireland schools and a German political party.
Public policy professor says it will make America less secure but hits Netgear’s lobbying goals The United States’ ban on foreign-made SOHO routers won’t improve security, and only makes sense as “industrial policy disguised as cybersecurity,” according to Milton Mueller, Professor at the University of Georgia’s School of Public Policy and founder of its Internet Governance Project.…
EC-Council, creator of the world-renowned Certified Ethical Hacker (CEH) credential and a global leader in applied cybersecurity education, today launched its Enterprise AI Credential Suite, with four new role-based AI certifications debuting alongside Certified CISO v4, an overhauled executive cyber leadership program. [...]
A previously undocumented threat activity cluster has been attributed to an ongoing malicious campaign targeting education and healthcare sectors in the U.S. since at least December 2025
With $5.5 trillion in global AI risk exposure and 700,000 U.S. workers needing reskilling, four new AI certifications and Certified CISO v4 help close the gap between AI adoption and workforce readiness
Discover why Government and Education must prioritize Cyber Risk Management.
The U.S. Federal Bureau of Investigation (FBI) on Thursday released an advisory warning of North Korean state-sponsored threat actors leveraging malicious QR codes in spear-phishing campaigns targeting entities in the country
Plan Calls for Updated HIPAA Regs, Grants, Training, Enhanced Breach Reporting DataFour U.S. lawmakers - including the chair of the Senate health, education, labor and pensions committee - are taking another stab with a bipartisan bill aimed at strengthening cybersecurity in healthcare. That includes bolstering HIPAA, and providing cyber grants and training to the sector.
A threat actor known as Storm-2657 has been observed hijacking employee accounts with the end goal of diverting salary payments to attacker-controlled accounts
A China-aligned threat actor known as TA415 has been attributed to spear-phishing campaigns targeting the U.S. government, think tanks, and academic organizations utilizing U.S.-China economic-themed lures
White House Kick Off School Year With AI Education Efforts, Public-Private CollabsThe Trump administration is rolling out its Presidential Artificial Intelligence Challenge with a series of high-profile White House events and public-private sector commitments - just as the Federal Trade Commission reportedly prepares to investigate AI systems' impact on child mental health.
Microsoft announced that starting this Thursday, all college students in the United States can get a free year of Microsoft 365 Personal. [...]
Cyberattacks on educational institutions are growing. But with budget constraints and funding shortfalls, leadership teams are questioning whether — and how — they can keep their institutions safe.