Canvas Hack, Firefox Using Mythos & Dirty Frag

In this episode of Phoenix Cast, hosts John and Kyle break down a packed week in cyber: the Canvas ed-tech breach by Shiny Hunters that hit 9,000 schools and 275 million records right at testing season (both of their kids&#39; schools are scrambling to go non-digital), Firefox&#39;s eye-opening collaboration with Anthropic&#39;s Mythos model that surfaced 271 vulnerabilities in a single release for a fraction of the cost of a traditional bug bounty, and the Dirty Frag Linux kernel zero-day that escalates to root in seconds — but whose fix breaks IPsec VPNs and file sharing. They also dig into the new MAR ADMIN making AI training mandatory for every Marine, and John collects on Kyle&#39;s gaslighting from two episodes ago about model quality degradation (Anthropic basically said &quot;whoops&quot;). Stick around for John&#39;s hot take that ASIs — Authorized Service Interruptions — are officially dead in a world where chained vulnerabilities and 271 patches can drop in a single release.We’d love to hear your thoughts! Tweet us @ThePhoenixCast, and don&#39;t forget to join our LinkedIn Group to connect with fellow Phoenix Casters. If you enjoyed the episode, help us out by leaving one of those coveted 5-star reviews on Apple Podcasts. Thanks for listening!Links - Canvas Hack:Canvas Login Portals Hacked - ShinyHunters Extortion Campaign (BleepingComputer)https://www.bleepingcomputer.com/news/security/canvas-login-portals-hacked-in-mass-shinyhunters-extortion-campaign/Hackers Deface School Login Pages After Claiming Another Instructure Hack (TechCrunch)https://techcrunch.com/2026/05/07/hackers-deface-school-login-pages-after-claiming-another-instructure-hack/2026 Canvas Security Incident (Wikipedia)https://en.wikipedia.org/wiki/2026_Canvas_security_incidentLinks - Firefox Using Mythos:Claude Mythos Has Found 271 Zero-Days in Firefox (Schneier on Security)https://www.schneier.com/blog/archives/2026/04/claude-mythos-has-found-271-zero-days-in-firefox.htmlThe Zero-Days Are Numbered (Mozilla Blog)https://blog.mozilla.org/en/privacy-security/ai-security-zero-day-vulnerabilities/Behind the Scenes Hardening Firefox with Claude Mythos Preview (Mozilla Hacks)https://hacks.mozilla.org/2026/05/behind-the-scenes-hardening-firefox/Claude Mythos Finds 271 Firefox Flaws, Mozilla Believes It Shifts Security Toward Defenders (Help Net Security)https://www.helpnetsecurity.com/2026/04/22/claude-mythos-mozilla-vulnerabilities-scanning/Claude Mythos Finds 271 Firefox Vulnerabilities (SecurityWeek)https://www.securityweek.com/claude-mythos-finds-271-firefox-vulnerabilities/Mythos and Cybersecurity (Schneier on Security)https://www.schneier.com/blog/archives/2026/04/mythos-and-cybersecurity.htmlLinks - Dirty Frag:New Linux ‘Dirty Frag’ Zero-Day With PoC Exploit Gives Root Privileges (BleepingComputer)https://www.bleepingcomputer.com/news/security/new-linux-dirty-frag-zero-day-with-poc-exploit-gives-root-privileges/Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions (The Hacker News)https://thehackernews.com/2026/05/linux-kernel-dirty-frag-lpe-exploit.htmlActive Attack: Dirty Frag Linux Vulnerability Expands Post-Compromise Risk (Microsoft Security Blog)https://www.microsoft.com/en-us/security/blog/2026/05/08/active-attack-dirty-frag-linux-vulnerability-expands-post-compromise-risk/RHSB-2026-003 Networking Subsystem Privilege Escalation - Linux Kernel (Red Hat)<p