May 11, 2026 Emerging Threats Weekly
About this lesson
This week’s briefing covers: 00:00 – Intro 00:40 [CAMPAIGN] Canvas Security Incident Canvas, the learning management system operated by Instructure and widely used by schools, universities, and other education providers, is the subject of an ongoing cyber extortion campaign. Public reporting attributes the activity to SHINYHUNTERS, a data-extortion group that has claimed access to large volumes of Canvas-related user data. 02:54 [PHISHING] Code-of-Conduct AiTM Campaign Hit 35,000 Users Across 13,000 Organizations Microsoft reported a coordinated, multi-stage phishing campaign that targeted more than 35,000 users across 13,000 organizations in 26 countries between April14 and 16, with 92% of observed activity affecting U.S.-based victims. 04:33 [VULNERABILITY] “Copy Fail” Linux Privilege-Escalation Bug Added to KEV Amid Active Exploitation CISA has added CVE-2026-31431, dubbed Copy Fail, to its known exploited vulnerabilities (KEV) catalogue, confirming real-world exploitation within 24 hours of disclosure. The Linux local privilege-escalation vulnerability affects every mainstream kernel built since 2017 and allows authenticated local users to escalate to root access. 06:38 [THREAT ACTOR] China-Nexus UAT-8302 Expanded Government Targeting Across South America and Southeastern Europe Cisco Talos disclosed UAT 8302 as a China nexus advanced persistent threat group that has been targeting government entities in South America since late 2024. The activity expanded in 2025 to include government agencies in southeastern Europe. 08:34 [CAMPAIGN] VENOMOUS#HELPER Phishing Used Legitimate RMM Tools for Durable Remote Access Securonix reports that the ongoing VENOMOUS#HELPER campaign has affected more than 80 organizations, most of them in the U.S. The operation appears to use phishing as the entry point and legitimate remote monitoring and management software as the persistence mechanism. 10:38 [VULNERABILITY] Ollama Windows Auto-Updater Flaws Can Be Chained in
DeepCamp AI