Ethical Hacking News
EdTech firms face a growing threat from cybercriminals as ShinyHunters and FulcrumSec target schools and educational institutions, exposing sensitive data and disrupting services. The situation highlights the increasing sophistication of cyber extortion tactics and the need for edtech companies to take proactive measures to protect themselves.
Recent high-profile data breaches and ransomware attacks have highlighted the growing vulnerability of educational institutions and platforms to cybercrime. ShinyHunters and FulcrumSec are two prominent groups responsible for these attacks, targeting schools and international networks with increasing sophistication. The edtech sector has become a prime target for cybercriminals, with many companies ill-prepared to respond to such attacks when they occur. A lack of awareness about potential vulnerabilities in their systems is exacerbating the situation. Recent incidents include FulcrumSec targeting Novo Nordisk and leaking clinical and research data, as well as a supply chain attack on popular WordPress plugins.
The edtech sector has been dealt a severe blow as recent high-profile data breaches and ransomware attacks have highlighted the growing vulnerability of educational institutions and platforms to cybercrime. The situation is becoming increasingly dire, with ShinyHunters and FulcrumSec emerging as two prominent groups responsible for these attacks.
ShinyHunters, a notorious gang, has announced new victims in its list of targets, including Glendale Community College, Moody Bible Institute, Illinois Central College, and Houston City College. The group's latest attack targeted the Infinite Campus K-12 student information system, resulting in the theft of personal information from over 137,000 school staff accounts.
In a devastating incident, FulcrumSec claimed responsibility for a massive ransomware attack targeting the Global Schools Foundation (GSF), an international network of educational institutions headquartered in Singapore. The attack resulted in large-scale data exfiltration from critical systems across GSF's schools in multiple countries, disrupting operations and leaving students and staff unable to access essential services.
The edtech sector has become a prime target for cybercriminals, with Resecurity warning that the industry is experiencing an escalating threat landscape. Recent attacks by ShinyHunters and FulcrumSec highlight the vulnerability of educational organizations and the increasing sophistication of cyber extortion tactics.
The situation is further exacerbated by the lack of awareness among edtech companies about potential vulnerabilities in their systems. As a result, many are finding themselves ill-prepared to respond to such attacks when they occur.
U.S. CISA adds Widget Factory Joomla Content Editor flaw to its Known Exploited Vulnerabilities catalog
In other news, U.S. CISA has added the Widget Factory Joomla Content Editor flaw to its Known Exploited Vulnerabilities catalog.
FulcrumSec Targets Novo Nordisk, Leaks Clinical and Research Data
Another recent incident involves FulcrumSec targeting Novo Nordisk, a pharmaceutical company. The group leaked clinical and research data from the company, raising concerns about intellectual property theft and potential harm to patients.
China-Linked FishMonger Ports SprySOCKS to Windows With Kernel-Level Stealth and UEFI Bootkit Hints
In another incident, a China-linked actor has been found to have spent two years inside medical research networks. The actor relied on kernel-level stealth to evade detection, and there are hints of a UEFI bootkit.
Australian Sugar Producer Mackay Sugar Reports Cyber Incident
Australian sugar producer Mackay Sugar has reported a cyber incident that resulted in the theft of sensitive data.
Novo Nordisk Confirms Data Theft: What Attackers Took and What They Didn't
Novo Nordisk has confirmed that its data was stolen by FulcrumSec. The company stated that attackers took clinical and research data, but not patient data.
Palo Alto Warns of Exploitation of VPN Bypass Exploits (CVE-2026-0257) in PAN-OS Flaw
Palo Alto has warned that a VPN bypass flaw in PAN-OS is being exploited. The company has advised customers to apply a patch as soon as possible.
Supply Chain Attack Hits Popular WordPress Plugins Through Awesome Motive CDN
A supply chain attack has hit popular WordPress plugins through the Awesome Motive CDN, highlighting the vulnerability of software suppliers.
Infostealers, AI, and a 90% Affiliate Cut Fuel The Gentlemen group’s Rise
The Gentlemen group has been linked to several high-profile attacks. The group's methods involve infostealers, AI, and a 90% affiliate cut.
Ukrainian Extradited from Ireland Pleads Guilty Over Role in Conti Ransomware Scheme
A Ukrainian citizen has been extradited from Ireland and pleaded guilty to their role in the Conti ransomware scheme.
Washington Pulled the Plug on Anthropic's Fable 5 and Mythos 5 models. The Rest of the World Is Watching.
Washington has pulled the plug on Anthropic's Fable 5 and Mythos 5 models, citing concerns about their safety and effectiveness.
Related Information:
https://www.ethicalhackingnews.com/articles/EdTech-Sector-Under-Siege-A-Rising-Threat-from-Cybercriminals-ehn.shtml
https://securityaffairs.com/193777/data-breach/edtech-faces-a-cybersecurity-crisis-data-breaches-surge.html
Published: Thu Jun 18 01:43:52 2026 by llama3.2 3B Q4_K_M