The Weekly New Rewire is a survey of cyber or adjacent news stories that I read this past week (or recently). Please leave a comment if you think I missed anything.

Leave a comment

Editor Notes:

• I have two new papers out with the Canadian Global Affairs Institute:

  • Following the Digital Snail’s Trail: The Short History of Canadian Armed Forces Cyber Operations

  • Everything You Should Know About CAF Cyber Command

• Go sign Tanya Janca’s Secure-Coding Petition!

  • The article is finally out and can be read here.

• If you are in Ottawa-Gatineau region, come see me speak later today: https://www.eventbrite.ca/e/vers-un-bouleversement-des-equilibres-militaires-au-sein-de-lalliance-tickets-1987271944883

Feature your business in Canadian Cyber in Context through sponsorship.

Share

Canadian News

• Rogers offering buyouts to about 10,000 employees as it aims to cut spending

  • Rogers is making a big cost cutting push, which is part of plans to reduce capital spending by 30%. Rogers might be the least diversified

• Feds reveal 6 pillars for long-touted, repeatedly delayed national AI strategy

  • There are a lot of interesting details from the Spring Economic Update, which I plan to do a longer article about.

• Who’s Been Impersonating This ProPublica Reporter?

  • Someone has been impersonating a reporter to target people, which has included targeting a Canadian military official.

• Federal government plans to ban crypto ATMs to stop scammers from defrauding Canadians

  • Honestly, a bit surprising this has taken so long, but I wouldn’t exactly call this Parliament or Cabinet very tech-informed.

• GeoComply Cuts Staff Amid Market Shift

  • A top Canadian geolocation and security company cut approximately 80 people.

• AI ethical concerns roughly as important to Canadians as economic growth, analysis shows

  • And yet Minister Solomon and the Canadian government is actively diminishing ethical concerns, which is why they don’t know how to handle OpenAI’s abject failure in BC.

• Canada welcomes progress towards the establishment of the Defence, Security and Resilience Bank and hosting its headquarters

  • The DSRB is being developed for long-term, low-cost financing for defence, security and resilience initiatives, which means it will include cyber.

• Police investigate sophisticated cyber-fraud targeting Indigenous businesses

  • Refers to spearphishing as a “growing form of targeted online fraud” which I suppose is true, but laughable

• Major scandal in Alberta. Sepratists were illegally provided an Albertan electoral list of millions of Albertans contact details, who proceeded to leak it:

The Orchard

SCOOP: Elections Alberta investigating separatists for accessing electors list

An Elections Alberta official showed up to the launch of David Parker’s new separatist scheme with four Edmonton cops to inform the group that they’re under investiga…

Read more

4 days ago · 89 likes · 6 comments · Jeremy Appel

The Line

SCOOP: Jen Gerson: Elections Alberta's massive failure could have put people in danger. I tried to warn them.

By: Jen Gerson…

Read more

3 days ago · 195 likes · 48 comments · Jen Gerson

• Information and Privacy Commissioner of Alberta issues statement regarding unauthorized distribution of List of Electors

  • “What happened here is very serious,” - Commissioner Diane McLeod

• Elections Alberta granted injunction to pull down electoral list posted publicly by separatist group

  • It cannot be understated how massive a privacy breach this is. This is nothing compared to the breaches of many major corporations, but instead separatists are openly being given access to the full electoral list of Alberta to post without concern by the parties involved.

  • A separatist group was illegally provided with Alberta’s electoral list. I really hope Elections Alberta and the courts make an example out of this. However, I worry we’re likely to see interference from the current Alberta government.

• Prime Minister Carney announces upcoming diplomatic appointment

  • Jonathan Wilkinson appointed as Ambassador to EU

  • I normally wouldn’t include this, but this appointments have major implications for the growing shift of Canada’s market towards Europe/EU.

• Liberals are pitching a brand new police agency for financial crimes. How would that work?

  • As massive amounts of financial crime these days involve cyber crime, this is something to watch.

• CRA refunding $647-million collected from cancelled digital services tax

  • Carney claims to be taking a hard stance against the US, while completely not taking a hard stance on the US.

• CBSA IT System Outages Continue to Disrupt Supply Chains, Add Costs as Agency Issues Update

  • IT outages at the Canadian Border Services Agency is leading to supply chain disruptions.

• US and allies urge ‘careful adoption’ of AI agents

  • Canada is amongst the the partners that published this. Full report/guidance can be read here.

• PH, Canada to deepen cyber defense partnership

  • Philippines military and CAF have slowly been developing close partnerships over the last couple of years, particularly in cyber. Cyber is becoming one of Canada/CAF’s top means to advance defence cooperation in the Indo-Pacific. We are seeing the same in Japan right now as well. There are a few others, but Philippines and Japan are the furthest along.

• Cohere buys naming rights to Ottawa’s former EY Centre

  • This may not sound like much, but as someone based in Ottawa let me explain to you how major this is. When you leave the Ottawa Airport, the EY Centre (or soon to be Cohere Centre) is the first major thing that you see other than hotels. More importantly, Canada’s largest defence and security expo CANSEC, which happens at the end of this month, is held at the EY Centre. Any major government expo, conference, or event that is large enough is held at the EY Centre. So this is part good marketing and a major flex for Cohere and says a lot about Cohere’s positioning.

• Small municipalities ‘fairly easy target’ for criminals, expert says after RM of Gimli targeted in cyberattack

  • Small-town Gimli hit by cyberattack, currently unable to process bill payments.

• Government of Canada investing in innovation ecosystems and AI to strengthen Saskatchewan’s tech sector

  • Includes $3.8 million for Regional Innovation Ecosystems which will help support Co.Labs and $4.2 million for Reigonal Artificial Intelligence Initiative that will help support Coconut Software Corporation, Vendasta Technologies, TomeTeam live Technologies and the University of Regina.

  • Backgrounder

• Estée Lauder settles class-action lawsuit over 2023 data breaches

• AI strategy pillars, new SMB procurement program revealed in Canada’s Spring Economic Update

  • I was going to write a full breakdown of the economic update, but this quote from the article sums things up: “‘Today’s economic update does little to show that the government is taking the digital economy seriously or using it to strengthen Canada’s major traditional economic strategies,’ Council of Canadian Innovators CEO Patrick Searle said in a release.”

• Government of Canada to announce important initiative to advance Canada’s photonic semiconductor industry

  • Announcement will be tonight, May 4, at 7:00 PM.

• Canadian Security Intelligence Service Public Report 2025

  • CSIS latest public report includes a section on cyber security. Despite how the report makes it sound, CSIS’ role in Canada’s cyber security and defence governance is pretty limited/small.

Canada-Relevant News

As many issues don’t respect borders, this section is for stories that impact Canada, but may not be Canadian-sourced or focused, to differentiate from the previous section, which is 100% focused on Canada

• Your Passwords Are Probably Screwed

  • Password managers should now be mandatory for all employees.

• OpenAI Really Wants Codex to Shut Up About Goblins

  • The great and powerful LLM needs to be told repeatedly to stop talking about goblins. Real transformative technology, huh?

• Video Platform Vimeo Hacked by ‘ShinyHunters’ Gang

  • Breached via Anodot, a business monitoring tool.

• Sudden data center load losses prompt NERC alert, recommendations

  • Data centres not only require massive amounts of power but can also cause massive, unexpected reductions, which can be just as taxing on a power system.

• Meta cuts contractors who reported seeing Ray-Ban Meta users have sex

  • If there’s one thing Meta can’t tolerate, it’s being exposed for its wrongdoing and for how Meta’s core business model is rationalizing unethical and legally dubious activities as perfectly legal.

• 76% of All Crypto Stolen in 2026 Is Now in North Korea

  • Not a big surprise to anyone who keeps an eye on this, but the scale and success of North Korea are still startling.

• Google Adjusts Bug Bounties: Chrome Payouts Drop as Android Rewards Rise Amid AI Surge

  • The surge in AI use for vulnerability discovery is beginning to have a major impact on the industry for bug bounties.

• Nearly every Linux system built since 2017 vulnerable to ‘Copy Fail’ flaw

  • More on this in the next section, but an article for more general reading on this vulnerability.

Canadian Cyber Threat Intelligence

While not all attacks are reported or receive media attention, any notable or open-source cyber attacks on Canadian organizations and any relevant cyber threat intelligence to Canada will be posted here. I only list the Canadian Centre for Cyber Security’s (CCCS) alerts here, not all advisories; follow the full feed here.

• CCCS released three alerts this past week:

  • Alert - AL26-008 - Vulnerability affecting cPanel and WebHost Manager (WHM) - CVE-2026-41940

    • Hackers are actively exploiting a bug in cPanel, used by millions of websites

  • Alert - AL26-010 – Cyber Criminals Social‑Engineering‑Enabled Compromise of Enterprise SaaS Environments

  • Alert - AL26-009 - Vulnerability Affecting Linux - CVE-2026-31431 – Update 1

    • The most severe Linux threat to surface in years catches the world flat-footed

• Apple Fixes Bug That Let FBI Extract Deleted Signal Messages After 404 Media Coverage

• Adapting Zero Trust Principles to Operational Technology

• Careful adoption of agentic AI services

  • Released by Australian Signals Directorate, with support from Five Eyes partners including Canadian Centre for Cyber Security.

• Qilin Ransomware Claims Attack on Manulife Wealth

  • No confirmation/denial from Manulife Wealth yet, but this is one to watch.

Have your business and logo featured in Canadian Cyber in Context with a sponsorship.

Share

Research, Op-Eds, and Events

• Citizen Lab: Tall Tales - How Chinese Actors Use Impersonation and Stolen Narratives to Perpetuate Digital Transnational Repression

  • Great research from Citizen Lab as always.

• Canadian Cybersecurity Network: Offensive Cybersecurity’s Role in Managing Canada’s Cybersecurity Risks: Lessons from the Netherlands

• Recorded Future: Critical Minerals and Cyber Operations

• Upcoming Meetings in Parliament:

  • May 4: Senate begins review of Bill C-8, An Act respecting cyber security

  • May 5: Minister of Public Safety and Justice appear before the House Public Safety and National Security committee to discuss Bill C-22, An Act respecting lawful access.

  • May 7: House Science and Research Committee holds meeting on Canada’s Dual Use and Defence Research Needs

United States News

• Data Centers, Telecommunications Networks, and Space-Based Systems: Modernizing DHS’s SRMA Role for the Communications and IT Sectors

  • The House Homeland Security Committee is holding hearings on digital infrastructure, including space-based systems.

• 96 Korean lawmakers blast US for ‘infringing on judicial sovereignty’ over Coupang probe

  • “The move follows a recent letter sent by 54 House Republican lawmakers, who claimed Korean government and law enforcement authorities’ investigation into Coupang’s massive data breach case is discriminatory against the U.S.-headquartered company.”

  • South Korea has been showing itself to be a model democracy of late and we should all learn from them.

• Cyber Command, NSA chief warns foreign adversaries likely to target midterms

  • Because they’ll likely not receive any realistic response from the United States, or at least Russian interference will be welcomed from the current US administration.

• US Ends Investigation Into Claims WhatsApp Chats Aren’t Private

• US, China partner on scam center takedown in Dubai

  • Rare partnership, but scam centers and scamming/fraud in general is beginning to hit everyone equally.

• Two Americans Who Attacked Multiple U.S. Victims Using ALPHV BlackCat Ransomware Sentenced to Prison

• Prolific Chinese State-Sponsored Contract Hacker Extradited from Italy

  • Hacker allegedly part of China’s Hafnium/APT40

• Congress punts FISA renewal to June

  • Back and forth between the House and Senate to get a bill to renew the Foreign intelligence Surveillance Act (a bill to surveil us Canadians and other non-Americans),

• Senate Judiciary advances bill that would bar minors from interacting with AI companions

• Congress, industry ponder government posture for protecting data centers

  • This is something to watch. The Internet is quite resilient, but succesful strike on a data centre could have major domino effects, let alone targeting military-specific data centres. Of note, the article highlights that “Three providers account for 63 percent of the [global] market share of data centers: Amazon Web Services, Microsoft Azure and Google Cloud Platform",

• Pentagon launches cyber apprenticeship program

  • I’m a big proponent of cybersecurity apprenticeships, but not sure how well the Pentagon will get people right now.

• Former head of ‘Pentagon’s think tank’ joins Anthropic

• Pentagon says US military to be an ‘AI-first’ fighting force

  • The lack of caution will lead to mistakes and a lack of accountability. AI will be used to avoid blame, which means errors won’t be fixed and entropy will plague the US military.

• Medical Device Maker Medtronic Says It’s Been Hacked (h/t Zack Whittacker)

  • “The hack on Medtronic is at least the fourth cyber incident disclosed in recent weeks involving a large U.S. based medtech manufacturer.”

• Hackers earning millions from hijacked cargo, FBI says

  • Seems like an awful coincidence that CBSA systems are down as we begin to identify hackers' role in cargo hijacking.

• White House presses tech companies for support on AI-driven cyberattacks

• Utah first state to hold websites liable for users who mask their location with VPNs — law goes into effect, designed to prevent bypassing age checks

  • Age verification law specifically targets the use of VPNs.

• DOD hosting next Technical Exchange Meeting to update industry on current threat landscape

  • Briefing for private industry of Five Eyes-Only countries.

United Kingdom and European Union News

• MP’s website suffers ‘deliberate’ cyber attack

  • Appears to be run-of-the-mill criminals/scammers despite some of the language used, but this easily be obfuscation.

• France investigates 15-year-old over alleged hack of national ID agency

  • No matter how far we advance, we’ll always have teens at the center of major hacking incidents.

• Trellix Discloses Unauthorized Access to its Source Code (h/t Catalin Cimpanu)

  • Major European security firm Trellix discloses that someone accessed a “portion” of its source code repository. While there is much we don’t know, getting access to source code could help threat actors find ways to compromise it.

• European Commission preliminarily finds Meta in breach of Digital Services Act for failing to prevent minors under 13 from using Instagram and Facebook

  • Meta certainly loves to break the law and privacy, don’t they? It’s increasingly a struggle to understand or rationalize if we can trust them.

• Cyber spies target Russian aviation firms to steal satellite and GPS data

• EU recommends member states to not use Huwaei, ZTE in connectivity infrastructure

  • I honestly thought this was already recommended, but it’s easy to lose track of developments in the EU bureaucracy.

Other International News

• Sri Lanka discloses another missing payment, days after hackers stole $2.5M from its finance ministry

• Japan to set up task force on cyberattack risks from Anthropic’s Mythos AI

• Zambia cancels global digital freedoms conference days before start

  • Appears that China had pressured Zambia to end the conference.

• Chinese Hackers Spied On Cuban Embassy As US Prepared Blockade

  • Not too surprising. Embassies have always been a top target for espionage.

Media of the Week

Have your business and logo featured in Canadian Cyber in Context with a sponsorship.

Share