In this episode of Phoenix Cast, hosts John and Kyle break down a packed week in cyber: the Canvas ed-tech breach by Shiny Hunters that hit 9,000 schools and 275 million records right at testing season (both of their kids' schools are scrambling to go non-digital), Firefox's eye-opening collaboration with Anthropic's Mythos model that surfaced 271 vulnerabilities in a single release for a fraction of the cost of a traditional bug bounty, and the Dirty Frag Linux kernel zero-day that escalates to root in seconds — but whose fix breaks IPsec VPNs and file sharing. They also dig into the new MAR ADMIN making AI training mandatory for every Marine, and John collects on Kyle's gaslighting from two episodes ago about model quality degradation (Anthropic basically said "whoops"). Stick around for John's hot take that ASIs — Authorized Service Interruptions — are officially dead in a world where chained vulnerabilities and 271 patches can drop in a single release.

We’d love to hear your thoughts! Tweet us @ThePhoenixCast, and don't forget to join our LinkedIn Group to connect with fellow Phoenix Casters. If you enjoyed the episode, help us out by leaving one of those coveted 5-star reviews on Apple Podcasts. Thanks for listening!

Links - Canvas Hack:

Canvas Login Portals Hacked - ShinyHunters Extortion Campaign (BleepingComputer)

https://www.bleepingcomputer.com/news/security/canvas-login-portals-hacked-in-mass-shinyhunters-extortion-campaign/

Hackers Deface School Login Pages After Claiming Another Instructure Hack (TechCrunch)

https://techcrunch.com/2026/05/07/hackers-deface-school-login-pages-after-claiming-another-instructure-hack/

2026 Canvas Security Incident (Wikipedia)

https://en.wikipedia.org/wiki/2026_Canvas_security_incident

Links - Firefox Using Mythos:

Claude Mythos Has Found 271 Zero-Days in Firefox (Schneier on Security)

https://www.schneier.com/blog/archives/2026/04/claude-mythos-has-found-271-zero-days-in-firefox.html

The Zero-Days Are Numbered (Mozilla Blog)

https://blog.mozilla.org/en/privacy-security/ai-security-zero-day-vulnerabilities/

Behind the Scenes Hardening Firefox with Claude Mythos Preview (Mozilla Hacks)

https://hacks.mozilla.org/2026/05/behind-the-scenes-hardening-firefox/

Claude Mythos Finds 271 Firefox Flaws, Mozilla Believes It Shifts Security Toward Defenders (Help Net Security)

https://www.helpnetsecurity.com/2026/04/22/claude-mythos-mozilla-vulnerabilities-scanning/

Claude Mythos Finds 271 Firefox Vulnerabilities (SecurityWeek)

https://www.securityweek.com/claude-mythos-finds-271-firefox-vulnerabilities/

Mythos and Cybersecurity (Schneier on Security)

https://www.schneier.com/blog/archives/2026/04/mythos-and-cybersecurity.html

Links - Dirty Frag:

New Linux ‘Dirty Frag’ Zero-Day With PoC Exploit Gives Root Privileges (BleepingComputer)

https://www.bleepingcomputer.com/news/security/new-linux-dirty-frag-zero-day-with-poc-exploit-gives-root-privileges/

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions (The Hacker News)

https://thehackernews.com/2026/05/linux-kernel-dirty-frag-lpe-exploit.html

Active Attack: Dirty Frag Linux Vulnerability Expands Post-Compromise Risk (Microsoft Security Blog)

https://www.microsoft.com/en-us/security/blog/2026/05/08/active-attack-dirty-frag-linux-vulnerability-expands-post-compromise-risk/

RHSB-2026-003 Networking Subsystem Privilege Escalation - Linux Kernel (Red Hat)

https://access.redhat.com/security/vulnerabilities/RHSB-2026-003

Dirty Frag PoC Exploit (V4bel/dirtyfrag GitHub)

https://github.com/V4bel/dirtyfrag