Smashing Security podcast #467: How ShinyHunters hacked the world’s biggest universities

# Executive summary The episode covers two primary security incidents: (1) a major Instructure/Canvas compromise attributed to the ShinyHunters gang that allegedly exposed ~275 million records (3.65 TB) across thousands of institutions, used extortion and site defacement (impacting student exams), and exploited unverified free-for-teacher accounts; and (2) a coordinated financial fraud campaign using deepfakes, targeted social-media ads and private WhatsApp groups to drive pump-and-dump stock manipulations and cryptocurrency fraud that also harvested identity and KYC data.