Threat Intelligence ShinyHunters claims domain suspension after Canvas LMS attacks May 13, 2026 Share By SC Staff (Adobe Stock) According to HackRead, the notorious hacking group ShinyHunters is claiming its official clearnet domain has been suspended, sparking speculation that the action may be linked to its recent attacks, including the compromise of Instructure's Canvas LMS platform. The group's domain, shinyhunte.rs, went offline on Monday, May 11, 2026, leading to rumors of law enforcement seizure, potentially involving the FBI. This outage follows ShinyHunters' claim of responsibility for defacing the Canvas LMS, a system used by numerous universities globally, which caused disruptions for students. While the .rs domain was primarily used for announcements, the group's actual data leaks, including those from previous Salesforce breaches, were hosted on a separate dark web (.onion) site. ShinyHunters stated that the suspended domain is no longer under their control and warned users against trusting it, announcing all future communications will exclusively occur on their onion domain. The .rs domain is Serbia's country code top-level domain, managed by the Serbian National Internet Domain Registry. While domain suspensions are common for cybercrime, it is unclear if Serbian authorities acted independently or at the request of foreign agencies. The group's shift to exclusively using its onion-based infrastructure indicates a move towards enhanced operational security and reduced exposure following increased attention. Source: HackRead SC Staff Related Threat Intelligence New GhostLock tool abuses Windows API to block file access SC Staff May 12, 2026 The GhostLock tool abuses the dwShareMode parameter within the Windows CreateFileW API. Threat Intelligence German authorities shut down relaunched Crimenetwork marketplace, arrest operator SC Staff May 11, 2026 The original Crimenetwork, a significant platform for illicit goods and services, was taken down in December 2024. Threat Intelligence California man sentenced to over 6 years for role in $250 million cryptocurrency heist SC Staff May 8, 2026 The criminal ring targeted individuals believed to hold significant cryptocurrency between late 2023 and early 2025, using social engineering to gain access to digital wallets. Related Events Cybercast Better Threat Intelligence Between Public and Private Sectors On-Demand Event Virtual Conference Nationwide Cybersecurity Summit 2025: Safeguarding America’s Digital Future On-Demand Event Virtual Conference Securing the Future of Finance: Strategies to Counter Modern Cyber Threats On-Demand Event Get daily email updates SC Media's daily must-read of the most current and pressing daily news Business Email By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy . Subscribe Related Terms Account Harvesting Backdoor Brute Force DNS Spoofing Dictionary Attack Distributed Scans Domain Hijacking Google Hacking Password Cracking Reconnaissance You can skip this ad in 5 seconds