The data and endpoint security landscape is always changing, and news happens fast. Each week we recap some of the top security news stories to help you stay informed. Here’s what happened this week.

While the number of security incidents involving malware and ransomware have increased in the last year, there’s been a noticeable decline of new infections of specific malicious software, including Locky, Dridex and Angler.

The University of Greenwich was the target of a data breach by a former student who reportedly managed to get access to the university’s website to steal confidential data including student contact information, grades, staff holiday details, and correspondence between students and staff.

This new ransomware strain, called RAA, is coded entirely in Javascript. Researchers say that RAA is typically distributed by email as attachments that are made to look like document files.

The bug bounty pilot run by the Department of Defense has produced 138 valid reports of vulnerabilities so far in public DoD websites. The”Hack the Pentagon” program ran from from April 18 to May 12, and had 1,410 hackers registered to participate.

Shadow IT has been a reality  for companies since computing became a staple of the workplace and tech-savvy employees started skirting the rules, but the risks associated with Shadow IT have skyrocketed with the exponential rise of mobile devices and cloud technology.