ShinyHunters defaces Canvas portals during finals week.

This CyberWire-style briefing summarizes several concurrent security incidents: ShinyHunters defaced hundreds of Canvas portals and claims a related data breach as part of an extortion campaign against Instructure; CISA added an Ivanti EPMM zero-day (CVE-2026-6973) to its KEV and ordered federal patching; Progress urged patching of critical MOVEit Automation flaws (including CVE-2026-4670); Trellix disclosed a partial source-code repository breach; and a student allegedly used SDR/TETRA manipulation to halt trains in Taiwan. The report also highlights NCSC guidance anticipating an AI-driven surge in vulnerability disclosures and patch activity.