Last mentioned: 6h ago
Google/Mandiant publish findings
Google’s threat intelligence blog details the campaign, attribution, and sector impact.
Oracle issues security advisory
Oracle publishes a patch and advisory for the PeopleSoft vulnerability, closing the zero-day window.
Campaign window closes
Last observed exploitation activity before Oracle issues its advisory.
Campaign begins
ShinyHunters starts active scanning and exploitation of the Oracle PeopleSoft zero-day.
An active extortion campaign by ShinyHunters exploited a zero-day vulnerability in Oracle PeopleSoft, with Google notifying over 100 organizations—68% in higher education. The attackers used customized MeshCentral agents for C2, actions occurring before Oracle’s June 10 advisory. This highlights the growing threat of zero-day exploitation in widely used enterprise software and the education sector’s vulnerability.
This page surfaces every story mentioning Canvas across our cybersecurity coverage. We track each entity's appearance over time so readers can trace how the narrative evolves — which developments are isolated incidents, which build into longer arcs, and which reframe how operators in the space think about the entity. Story selection uses the same multi-source verification gate applied across the rest of our coverage.
Read our editorial methodology for how we identify, deduplicate, and score entity references. Our glossary defines the technical terms used across stories on this page, and our trends index contextualizes individual developments against the longer-running cybersecurity beat. Cross-entity comparisons live on our compare view.
| What you see | What it tells you |
|---|---|
| Story count | Number of distinct stories where Canvas was a primary or referenced actor. |
| Recency clustering | Whether mentions are concentrated in a recent window (a news cycle) or distributed (a sustained arc). |
| Sentiment distribution | Aggregate sentiment of the stories mentioning this entity, weighted by impact score. |
| Cross-niche links | When the same entity surfaces in our sibling networks, we link to those views to enrich context. |