Key developments
Canvas breach disrupts finals across schools
ZDNET's Charlie Osborne reported that Instructure said it contained a Canvas security incident after ShinyHunters posted ransom notes on May 7 and claimed data on roughly 275 million students across about 8,800 institutions. Instructure said it found no evidence passwords, dates of birth, government IDs or financial information were involved, but it revoked privileged credentials, rotated security keys, patched systems and briefly took Canvas offline after unauthorized page changes affected some logged-in students and teachers. Newsday reported the outage disrupted finals-season scheduling at multiple schools before Canvas was restored to most users.
Why it matters
Canvas is a core education platform, so any confirmed data exposure or service interruption can affect student privacy and campus operations at scale.
Sources & driving stories
ZDNET · Charlie Osborne
ZDNET coverageNEWSDAY
Newsday coverageNVIDIA partner confirms GeForce NOW user breach
HotHardware's Paul Lilly reported that NVIDIA confirmed unauthorized access at GFN.am, the Armenia-based GeForce NOW Alliance partner, after the intrusion ran from March 20 to 26. The exposed data included full names, email addresses, phone numbers, dates of birth and GeForce NOW usernames; NVIDIA said its own services were not affected and GFN.am said account passwords were not compromised. The partner said users who registered after March 9, 2026 were unaffected and that it would notify impacted users.
Why it matters
It shows a regional vendor breach can expose personal data even when the main platform operator says its own systems were untouched.
Sources & driving stories
HOTHARDWARE · Paul Lilly
HotHardware coverageWorth noting
WORTH NOTING
TSA Touchless ID reaches 65 airports
Komando reported a sharp expansion of TSA's biometric lane program, alongside a still-obscure opt-out process that many travelers may not recognize.
WORTH NOTING
AI voice-clone scam calls keep scaling
CNBC's Mike Winters reported that synthetic voices and caller-ID spoofing are making impersonation scams more convincing and easier to run at volume.
WORTH NOTING
TCLBANKER spreads through WhatsApp and Outlook
The Hacker News reported a new banking trojan that uses hijacked WhatsApp Web and Outlook sessions to deliver malware through victims' own contacts.
Still unclear
OPEN QUESTION
What data left Canvas systems?
Instructure has denied exposure of some sensitive fields, but schools still need clarity on whether student IDs, messages or other records were actually taken.
OPEN QUESTION
Will TSA make opt-out obvious?
As Touchless ID expands, the privacy question is whether travelers get clear notice and a real, frictionless way to decline biometric capture.