Cyber Threat Digest: Key Breaches, AI Risks, and Patches (May 11 Edition)

In the week of May 11, the cybersecurity landscape saw significant attacks targeting education, retail, media, and automotive sectors, alongside emerging AI-related vulnerabilities and critical patch alerts. This Q&A summarizes the top incidents and findings from the latest Threat Intelligence Report.

What happened in the Instructure (Canvas) data breach?

The US edtech company Instructure, which operates the widely used Canvas learning management system, confirmed a major breach in its cloud-hosted environment. Attackers, later linked to the ShinyHunters group, accessed and exposed sensitive data including student and staff records along with private messages. In an escalation, the attackers defaced hundreds of school login portals with ransom messages. The incident underscores the growing threat to educational platforms, where vast amounts of personal data are concentrated. Instructure has not disclosed the total number of affected individuals but is actively notifying users and law enforcement. This breach mirrors a pattern of extortion-driven attacks against cloud service providers that handle educational records.

Cyber Threat Digest: Key Breaches, AI Risks, and Patches (May 11 Edition)
Source: research.checkpoint.com

How did the Zara data breach occur and what data was exposed?

Zara, the flagship brand of the Inditex group, fell victim to a data breach tied to a third-party technology provider. Inditex confirmed the unauthorized access, and security experts verified that 197,400 unique email addresses, order IDs, purchase history, and customer support tickets were leaked. The incident did not involve Zara's core systems directly, but rather a vendor handling customer interactions. While no financial data or passwords were compromised, the exposed information could enable targeted phishing campaigns. This breach highlights the risk of supply chain vulnerabilities in retail, where third-party integrations often handle sensitive customer details without the same level of security as the primary brand.

What happened to Hungarian media company Mediaworks?

Mediaworks, which operates dozens of newspapers and online outlets in Hungary, was hit by a data-theft extortion attack. The company confirmed an intrusion after the threat actor group World Leaks published 8.5 TB of internal files online. The leaked data reportedly includes payroll records, contracts, financial documents, and internal communications. This attack is part of a broader trend of targeting media organizations, where sensitive editorial and business data can be used for leverage or public exposure. Mediaworks is working with cybersecurity firms to assess the impact and restore secure operations. The incident emphasizes the need for robust access controls and encrypted storage in media environments.

What security incident affected Škoda's online shop?

Czech automaker Škoda experienced a security incident affecting its online shop after attackers exploited a software flaw to gain unauthorized access. The company stated that the customer data possibly exposed includes names, contact details, order history, and login credentials. Critically, password and payment card data were not affected. The flaw was patched after discovery, but the breach underscores the vulnerability of e-commerce platforms in the automotive sector. Škoda advised affected customers to reset passwords and monitor accounts for suspicious activity. This incident adds to a series of attacks targeting auto retailers, where cybercriminals seek both personal and financial data.

What critical WebSocket vulnerability was found in Cline's AI coding agent?

Researchers uncovered a critical WebSocket hijacking vulnerability in the local Kanban server that ships with Cline, the widely used open-source AI coding agent. The flaw, rated CVSS 9.7, allowed any website visited by a developer to exfiltrate workspace data and inject arbitrary commands into the AI agent. It was patched in version 0.1.66. This vulnerability is particularly dangerous because AI coding assistants often have broad access to project files and credentials. The attack surface widens as more developers integrate AI agents directly into their IDEs. This finding stresses the need for strict WebSocket origin checks and isolation of AI agent connections.

How did researchers exploit the Claude browser extension?

Security researchers found a flaw in Anthropic's Claude for Chrome extension that allowed other browser extensions to hijack the AI agent. Through this issue, another extension could inject malicious prompts to trigger unauthorized actions, such as accessing sensitive browser-connected data (e.g., saved passwords, cookies). The attack demonstrated how AI assistants can extend browser attack surfaces, as they often run with elevated permissions. The vulnerability was disclosed responsibly and Anthropic released an update to mitigate it. This incident highlights that browser-based AI tools must be designed with strict inter-extension communication safeguards to prevent cross-extension attacks.
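The safeguard the paragraph calls for has two layers in Chrome: the `externally_connectable` manifest key limits which extension IDs may message the agent at all, and the `chrome.runtime.onMessageExternal` handler must still verify `sender.id` and reject anything that looks like free-form instructions for the model. The example below is added to illustrate the handler layer; it is not Anthropic's code, and the trusted extension ID, the message types and the response shapes are assumptions.

```javascript
// Added example (not Anthropic's code): gate cross-extension messages before an
// AI agent acts on them. Runs in Node for testing; in an extension the last
// block registers the same handler with chrome.runtime.onMessageExternal.

// Hypothetical 32-character extension ID of the one companion extension we trust.
const TRUSTED_SENDERS = new Set(['abcdefghijklmnopabcdefghijklmnop']);
// The only request types another extension may issue; none of them lets the
// sender put text in front of the model.
const ALLOWED_TYPES = new Set(['get_status', 'cancel_task']);
// Fields that would carry model instructions; rejected regardless of sender.
const PROMPT_FIELDS = ['prompt', 'instructions', 'system', 'messages'];

function validateExternalMessage(message, sender) {
  // Web pages arrive with sender.url and no sender.id; other extensions carry
  // an id. Anything without a trusted id is refused.
  if (!sender || typeof sender.id !== 'string') return { ok: false, reason: 'no sender id' };
  if (!TRUSTED_SENDERS.has(sender.id)) return { ok: false, reason: 'untrusted extension' };
  if (!message || typeof message !== 'object' || Array.isArray(message)) {
    return { ok: false, reason: 'malformed message' };
  }
  if (!ALLOWED_TYPES.has(message.type)) return { ok: false, reason: 'type not permitted' };
  const injected = PROMPT_FIELDS.find((f) => f in message);
  if (injected) return { ok: false, reason: `prompt-bearing field rejected: ${injected}` };
  return { ok: true, type: message.type };
}

// Minimal agent state so the dispatcher has something observable to do.
const agentState = { task: null };

function handleExternalMessage(message, sender, sendResponse) {
  const v = validateExternalMessage(message, sender);
  if (!v.ok) {
    sendResponse({ error: v.reason });
    return false; // synchronous response, channel can close
  }
  switch (v.type) {
    case 'get_status':
      sendResponse({ status: agentState.task ? 'busy' : 'idle' });
      break;
    case 'cancel_task':
      agentState.task = null; // cancelling is safe; starting tasks is never exposed
      sendResponse({ status: 'cancelled' });
      break;
  }
  return false;
}

// Register only when running inside an extension service worker.
if (typeof chrome !== 'undefined' && chrome.runtime && chrome.runtime.onMessageExternal) {
  chrome.runtime.onMessageExternal.addListener(handleExternalMessage);
}

module.exports = { validateExternalMessage, handleExternalMessage, agentState };
```

The design choice worth noting is that the allowlist of message types is a capability list: another extension can query or cancel, but there is no type that starts an agent task or supplies text to it, so even a compromised trusted extension cannot turn the agent into a proxy for its own instructions.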

What is the InstallFix campaign using fake Claude AI installers?

Researchers detailed an InstallFix campaign that used fake Claude AI installer pages promoted through Google Ads to infect Windows and macOS users. The scam tricked victims into running commands that launched multi-stage malware. The malicious payload stole browser data, disabled system protections (like Windows Defender), and established persistence through scheduled tasks. This campaign leverages the popularity of AI tools to bypass user skepticism. It underscores that even ads on trusted platforms can be weaponized, and users should always download software from official sources. Organizations should block ad-based downloads and educate employees about this threat.

What critical vulnerabilities were patched in MOVEit and Ivanti?

Progress Software alerted customers to two critical flaws in MOVEit Automation: CVE-2026-4670 (authentication bypass, allowing unauthorized access) and CVE-2026-5174 (privilege escalation). Fixes are available in versions 2025.1.5, 2025.0.9, and 2024.1.8. Separately, Ivanti fixed CVE-2026-6973, a high-severity vulnerability in Endpoint Manager Mobile (EPMM) that was exploited as a zero-day. Affecting EPMM 12.8.0.0 and earlier, the flaw allows attackers with administrator permissions to execute remote code. Hundreds of appliances are potentially affected. Both patches are critical for organizations using these tools, as the MOVEit flaws could lead to data exfiltration, and the Ivanti bug provides deep system access. Immediate patching is recommended.
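Turning the advisory above into an inventory check means comparing installed versions numerically, per release branch: a MOVEit Automation host on 2025.0.x is patched at 2025.0.9 even though 2025.1.5 is a higher number, and EPMM hosts at 12.8.0.0 or earlier are in scope for CVE-2026-6973. The following example is added here and is not Progress or Ivanti tooling; the inventory lines are constructed, and the EPMM fixed version is deliberately not encoded because the digest does not state it, so versions above 12.8.0.0 are reported as "not listed as affected" rather than "patched".

```javascript
// Added example (not vendor tooling): classify MOVEit Automation and Ivanti
// EPMM versions against the fixed/affected versions given in the digest.

// Fixed MOVEit Automation versions for CVE-2026-4670 / CVE-2026-5174, one per branch.
const MOVEIT_AUTOMATION_FIXED = ['2025.1.5', '2025.0.9', '2024.1.8'];
// Ivanti EPMM: CVE-2026-6973 affects 12.8.0.0 and earlier.
const EPMM_LAST_AFFECTED = '12.8.0.0';

function parseVersion(s) {
  const parts = String(s).trim().split('.');
  if (!parts.every((p) => /^\d+$/.test(p))) throw new Error(`unparseable version: ${s}`);
  return parts.map(Number);
}

// Numeric, component-wise comparison; shorter versions are padded with zeros
// so 2025.1 equals 2025.1.0 and 2025.1.10 sorts after 2025.1.9.
function compareVersions(a, b) {
  const x = parseVersion(a), y = parseVersion(b);
  const n = Math.max(x.length, y.length);
  for (let i = 0; i < n; i++) {
    const d = (x[i] || 0) - (y[i] || 0);
    if (d !== 0) return d < 0 ? -1 : 1;
  }
  return 0;
}

const branchOf = (v) => parseVersion(v).slice(0, 2).join('.');

function moveitAutomationStatus(version) {
  const fixed = MOVEIT_AUTOMATION_FIXED.find((f) => branchOf(f) === branchOf(version));
  // A branch with no listed fix (e.g. an end-of-life release line) cannot be
  // declared patched from this advisory alone.
  if (!fixed) return 'unknown-branch';
  return compareVersions(version, fixed) >= 0 ? 'patched' : 'vulnerable';
}

function epmmStatus(version) {
  return compareVersions(version, EPMM_LAST_AFFECTED) <= 0 ? 'vulnerable' : 'not-listed-as-affected';
}

const CLASSIFIERS = { 'moveit-automation': moveitAutomationStatus, 'ivanti-epmm': epmmStatus };

// Inventory rows: "host,product,version". Constructed sample data.
const SAMPLE_INVENTORY = [
  'mft-01,moveit-automation,2025.1.5',
  'mft-02,moveit-automation,2025.0.7',
  'mft-03,moveit-automation,2023.1.2',
  'mdm-01,ivanti-epmm,12.8.0.0',
  'mdm-02,ivanti-epmm,12.9.0.1',
];

function assessInventory(lines) {
  return lines.map((line) => {
    const [host, product, version] = line.split(',').map((s) => s.trim());
    const classify = CLASSIFIERS[product];
    let status;
    try {
      status = classify ? classify(version) : 'unknown-product';
    } catch (e) {
      status = 'unparseable-version';
    }
    return { host, product, version, status };
  });
}

if (process.argv.includes('--report')) {
  for (const r of assessInventory(SAMPLE_INVENTORY)) console.log(`${r.host}\t${r.product}\t${r.version}\t${r.status}`);
}

module.exports = { compareVersions, moveitAutomationStatus, epmmStatus, assessInventory, SAMPLE_INVENTORY };
```

Run with `--report` (a hypothetical flag) to print one line per host. The "unknown-branch" and "unparseable-version" outcomes are kept distinct from "vulnerable" on purpose: they are the rows a patch-management review has to resolve by hand rather than silently count as safe.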
