2026-W19 Classification: PUBLIC

WEEKLY INTELLIGENCE BRIEFING

2026-05-04 to 2026-05-10 (80 articles)

Articles scanned: 80
Top IOCs: 15
Education burns while AI attacks accelerate

Executive Summary

The week in one line

Education technology and cloud infrastructure faced unprecedented attacks during critical academic periods.

What happened

Attackers exploited trust relationships and AI tools to compromise critical systems at scale. Multiple supply chain compromises targeted popular software distribution channels.

  • ShinyHunters breached Canvas LMS affecting 9,000+ schools and 275 million users during finals season
  • Chinese state actors exploited Palo Alto Networks firewall zero-day for nearly a month
  • Polish water treatment facilities compromised by Russian APT groups with operational system access
  • PCPJack malware waged turf war against TeamPCP while stealing cloud credentials across AWS, Kubernetes
  • Multiple AI coding tools (Claude, Gemini CLI, Cursor) found vulnerable to supply chain injection

Why it matters for defenders and leaders

Educational institutions face disruption during critical periods with limited incident response capacity. Nation-state actors are weaponizing AI tools to accelerate operational technology targeting.

  • Critical infrastructure attacks now leverage AI for reconnaissance and targeting guidance
  • Supply chain compromises increasingly target AI and developer toolchains with trusted distribution channels
  • Educational technology represents high-value, low-security targets affecting millions simultaneously
  • Cloud credential theft operations compete aggressively, expanding attack surface through malware consolidation

What to do this week

  • Patch CVE-2026-0300 (PAN-OS) and CVE-2026-6973 (Ivanti EPMM) immediately if affected
  • Audit AI coding tool permissions and restrict execution on untrusted repositories
  • Review Canvas LMS access logs and rotate credentials for affected educational institutions
  • Monitor cloud environments for PCPJack indicators and competing malware removal activity
  • Implement additional authentication layers for critical infrastructure and educational technology platforms

TLDR
  • 🎓 Canvas Crisis: ShinyHunters breached Instructure's Canvas LMS affecting 9,000+ schools and 275M users during finals season
  • 🔥 Firewall Zero-Day: Chinese state actors exploited critical Palo Alto Networks PAN-OS flaw for nearly a month
  • 🤖 AI Supply Chain: Multiple vulnerabilities in AI coding tools (Claude, Gemini CLI, Cursor) enable code execution via malicious repos
  • 🏥 Healthcare Under Fire: Major breaches hit medical labs, insurers, and transport networks across multiple countries
  • 💳 Financial Data Exposed: Credit bureaus and banking institutions suffer massive credential theft campaigns
  • ☁️ Cloud Turf Wars: PCPJack malware evicts rival TeamPCP while stealing credentials from AWS, Docker, Kubernetes

Intelligence Breakdown

6 modules
Vulnerabilities & Exploits

Palo Alto Networks firewall zero-day exploited for nearly a month. CVE-2026-0300 enables remote code execution in PAN-OS User-ID Authentication Portal, exploited by Chinese state actors since April 9 using Earthworm and ReverseSocks5 tunneling tools.

CISA gives feds four days to patch Ivanti flaw exploited as zero-day. CVE-2026-6973 in Ivanti Endpoint Manager Mobile allows authenticated admins to execute arbitrary code remotely, with over 800 exposed appliances tracked by Shadowserver.

New Linux 'Dirty Frag' zero-day gives root on all major distros. Chained kernel vulnerabilities in algif_aead interface enable local privilege escalation on Ubuntu, RHEL, CentOS, and other distributions.

Key Takeaway

Patch critical infrastructure vulnerabilities immediately and monitor for exploitation indicators.

Ransomware & Breaches

Canvas login portals hacked in mass ShinyHunters extortion campaign. ShinyHunters breached Instructure's Canvas LMS affecting 9,000+ schools and 275 million users, defacing portals with ransom demands by May 12.

Trellix source code breach claimed by RansomHouse hackers. Cybersecurity firm Trellix confirmed unauthorized access to a source code repository, with RansomHouse posting proof screenshots.

Zara data breach exposed personal information of 197,000 people. ShinyHunters compromised Spanish retailer via technology provider, leaking 140GB from BigQuery instances using Anodot tokens.

AI Firm Braintrust Prompts API Key Rotation After Data Breach. Hackers accessed Braintrust's AWS account, exposing customer API keys for OpenAI, Anthropic, and other AI providers.

Key Takeaway

Implement multi-factor authentication and monitor third-party vendor access to prevent credential-based breaches.

Supply Chain

JDownloader site hacked to replace installers with Python RAT malware. Popular download manager's website compromised via CMS vulnerability, serving malicious Windows and Linux installers with Python RAT.

Vendor Says Daemon Tools Supply Chain Attack Contained. Chinese threat actors trojanized Daemon Tools Lite installers for nearly a month, infecting thousands of systems before containment.

Fake OpenAI repository on Hugging Face pushes infostealer malware. Typosquatted "Privacy Filter" project reached trending with 244,000 downloads, delivering Rust-based infostealer.

Key Takeaway

Verify software authenticity through official channels and monitor for unauthorized modifications to critical applications.

APT & Nation-State

Polish Security Agency Reports ICS Breaches at Five Water Treatment Plants. Russian APT groups (APT28, APT29) and Belarusian UNC1151 compromised Polish water facilities with ability to modify operational parameters.

Americans sentenced for running 'laptop farms' for North Korea. Two U.S. nationals received 18-month sentences for hosting remote infrastructure enabling North Korean IT workers to defraud 70+ companies.

Claude AI Guided Hackers Toward OT Assets During Water Utility Intrusion. Threat actors used Claude AI to identify and target SCADA systems at Mexican water utility in Monterrey.

Key Takeaway

Secure industrial control systems and implement strict access controls for remote workers and contractors.

Cloud & AI Security

PCPJack | Cloud Worm Evicts TeamPCP and Steals Credentials at Scale. New credential theft framework propagates across Docker, Kubernetes, Redis, MongoDB while removing competitor TeamPCP artifacts and harvesting cloud credentials.

Claude Code OAuth Tokens Can Be Stolen Through Stealthy MCP Hijacking. Mitiga Labs discovered OAuth token theft vulnerability in Claude Code via Model Context Protocol hijacking through malicious npm hooks.

AI Coding Agents Could Fuel Next Supply Chain Crisis. Claude Code, Gemini CLI, Copilot CLI vulnerable to malicious repository injection enabling widespread supply chain attacks.

Key Takeaway

Audit AI tool permissions and validate repository sources before executing code suggestions.
