r/SecOpsDaily

Google Chrome is performing a silent, unsolicited download of a 4GB AI model to user devices, with reports indicating it reinstalls itself even if deleted.

This behavior, flagged as a potential concern by security researchers, presents several issues:

• Unapproved Resource Consumption: A significant 4GB of disk space is consumed without user consent or notification.
• Persistence: The application actively reinstalls the model, bypassing user attempts to remove it, akin to unwanted software persistence.
• Privacy & Control: Raises questions about what data the model might process locally and the general lack of user control over software deployments on their own systems.

No specific file paths, hashes, or affected Chrome versions are detailed in this initial intelligence. No immediate user-friendly mitigation is described, given the reinstallation behavior.

Source: https://www.malwarebytes.com/blog/news/2026/05/google-chromes-silent-4gb-ai-download-problem

What happens when you fail to consider the risk that is actually relevant to the service you provide?

You get a cyberattack that hits exactly the service you provide.

Late April 2026.

An intrusion begins into the systems of Instructure, the company behind Canvas LMS, one of the world’s largest learning platforms used by approximately 9,000 educational institutions and universities worldwide, including Harvard University, Princeton University, University of Pennsylvania, and Arizona State University.

May 1.

The company announces for the first time that it is investigating a “cybersecurity incident” in its systems and activates external forensic teams.

May 2.

Instructure announces that the incident has been “contained,” but confirms that data was stolen, including: • Usernames

• Email addresses

• Student IDs

• Private messages between users

• Additional information from the learning systems

At this stage, no widespread system outage has been reported.

May 3.

The threat actor group ShinyHunters claims responsibility and details its “achievements”: • Approximately 3.65TB of data

• More than 275 million user records, including billions of private messages

• Data from approximately 9,000 educational institutions worldwide

May 6.

Deadline for an undisclosed ransom payment expires, although it was reported that approximately $1 million was demanded from the University of Pennsylvania.

At the same time, institutions were allowed to contact the attackers directly in order to prevent exposure of their own data.

Meanwhile, Instructure applies software updates and announces that the system has returned to full operation:

“ongoing unauthorized activity.”

“At this stage, we believe the incident has been contained.”

May 7.

But as usual with threat groups that dislike others setting the rules for them, the situation escalates.

ShinyHunters claims that Instructure attempted remediation and security patches instead of negotiating, stating:

“Instead of contacting us to resolve it they ignored us and did some ‘security patches’.”

And, almost predictably, a bit of humor as well:

“Instructure didn’t fix all the vulnerabilities, we have more.”

When control is in the hands of the attacker, it does not take much for ransom messages to appear simultaneously across the login screens of approximately 330 educational institutions.

ShinyHunters takes over Canvas login pages and displays public extortion messages to users, together with a new ultimatum: May 12 before everything is leaked.

May 8.

All learning platforms are moved into maintenance mode.

The impact, in some institutions: • Complete disruption of access to the system

• Exams postponed

• Academic tasks halted

• Faculty temporarily shifting to email and Microsoft Teams

And once again, a lesson for everyone claiming there is only one path, one protection model, one type of solution. For those who rely entirely on technology. On spreadsheets.

Instead of attacking a single university, the attackers targeted one central vendor connected to thousands of institutions simultaneously.

Instead of investing energy into a wide range of attack methods, one vulnerability in a SaaS system and… Game Over.

And this does not mean SaaS solutions are illegitimate. Of course they are legitimate.

But organizations need to understand that together with the excitement of adopting the functionality, they are also adopting the vendor’s entire attack surface, including the features that appear least threatening.

When an attacker takes control of the login interface, they are not only stealing information.

They gain leverage over a company’s ability to maintain business continuity for hundreds of customers and millions of users.

They probably had ISO 27001 too.

#cyberresiliece

#CyberSecurity #CyberAttack #CyberResilience #Ransomware #DataBreach #SupplyChainAttack #SaaS #Canvas #Instructure #ShinyHunters #HigherEducation #InformationSecurity #BusinessContinuity

#CyberCrisis #CISO #CyberRisk #IncidentResponse #CyberDefense #Infosec #CyberAwareness

Google has reported a novel cybercrime campaign where threat actors leveraged AI to develop a zero-day exploit, specifically a 2FA bypass for mass exploitation. This marks the first confirmed instance of AI being used in the wild for vulnerability discovery and exploit generation.

• Threat Actor: An unknown cybercrime group.
• Exploit Type: Zero-day bypass for Two-Factor Authentication (2FA).
• Exploit Development: AI systems were likely used for vulnerability discovery and exploit generation, representing a significant shift in adversarial capabilities.
• Target: Designed for mass exploitation.
• TTPs/IOCs: Specific TTPs, IOCs, or affected services were not detailed in the initial disclosure.

Defense: Organizations should enhance monitoring for novel attack patterns and consider advanced authentication methods beyond traditional 2FA, such as FIDO2, which are generally more resilient to common bypass techniques.

Source: https://thehackernews.com/2026/05/hackers-used-ai-to-develop-first-known.html