
ShinyHunters Breach of Instructure Canvas LMS 📚✏️: Lessons for SOCs on Third-Party Vendor Risks
From Secure AF - A Cybersecurity Podcast by Alias Cybersecurity
May 20, 2026 · 5 min
About this episode
This episode discusses the ShinyHunters breach of Instructure's Canvas LMS and its implications for security teams regarding third-party vendor risks.
Got a question or comment? Message us here! In this episode of the #SOCBrief, we break down the ShinyHunters breach of Instructure’s Canvas LMS and what it means for security teams everywhere. From exploiting a lesser-monitored service to exfiltrating millions of records, this attack highlights the growing risk of third-party vendors and supply chain exposure. We walk through how the breach unfolded, key indicators of compromise, and the practical steps SOC teams can take to detect, mon...
People in this episode
Host: Alias Cybersecurity
Topics covered
- cybersecurity
- third-party vendor risks
- supply chain exposure
- data breach
- security operations center
Keywords
- ShinyHunters
- Instructure
- Canvas LMS
- data breach
- third-party risks
- security teams
- indicators of compromise
Mentioned in this episode
Organizations: Instructure, ShinyHunters
Products: Canvas LMS
More episodes of Secure AF - A Cybersecurity Podcast
- The SOC Brief Turns One 🎂 Insights, Stories & Lessons Learned · June 10, 2026 · 14 min
- Kali365 Phishing-as-a-Service: FBI Warns of New M365 Credential Theft Tool · June 3, 2026 · 6 min
- Incident Response 101: What to Do When You’re Under Attack · June 2, 2026 · 38 min
- First Known AI-Powered Zero-Day Exploit: What SOCs Need to Know 🤖 · May 27, 2026 · 5 min
- Canvas Breach Breakdown: What 9,000+ Outages Teach Us About SaaS Risk · May 19, 2026 · 55 min
- MuddyWater’s Ransomware Decoy: Iranian APTs Hiding Espionage in Plain Sight · May 13, 2026 · 5 min
Explore listener stats, chart rankings, contacts and more on the Secure AF - A Cybersecurity Podcast podcast page.