Canadian Cyber News Rewire - 23/05/26
Wiring you into the cyber news relevant to Canada the week ending May 16
The Weekly New Rewire is a survey of Canadian cyber or adjacent news stories from this past week (or recently). Please leave a comment if you think I missed anything.
Questions or Business inquiries: info@cyberincontext.ca
Editor Notes:
I have two new articles out with the Canadian Global Affairs Institute:
I have received a hefty round of feedback on my PhD thesis, so I may be a tad quiet outside the weekly Rewires.
Feature your business in Canadian Cyber in Context through sponsorship or advertising.
Canadian News
AI is knocking: Canada’s next productivity story
Missed this last week, but the Bank of Canada says it’s not seeing major impacts of AI on jobs… yet.
Goldman Sachs to acquire Canadian data centre platform QScale
This should be a major red flag. This is bad for Canadian digital sovereignty.
Cohere buys biopharma analytics firm Reliant AI
Cohere is on a big acquisition streak of late.
More on Bill C-22:
Digital surveillance Bill C-22 threatens to drive tech firms out of Canada
The government’s approach to Bill C-22 is baffling. At this point, they’ve lost the PR battle and it doesn’t even matter if the tech companies and privacy advocates are right or wrong (they are correct), but going with the message that they’re all wrong when they all have the same message rings very hollow.
Canadians Value Encryption and Reject Key Surveillance Powers in Bill C-22
Brief on Bill C-22 by the Center for Democracy & Technology
OpenAI partners with 1Password to secure coding agent Codex
This is a big win for Toronto-based 1Password.
8 people facing charges after cyber-enabled fraud targets federal COVID benefit: RCMP
From the Ottawa-Gatineau region and Montreal. Total fraud totalled $364K. The government has been going after absolutely everyone for COVID emergency benefits repayments. Doesn’t matter if you’re a poor, chronically ill student or committing major fraud; the government simply has not cared and has treated both the same.
One in three Canadian firms hit by AI‑linked cyber incidents – QBE
This is both a result of AI being used as a vector of attack and used in attacks on businesses.
Cyber Attribution Data Centre celebrates its first year at the University of New Brunswick
One of the few successful things from Canada’s latest National Cybersecurity Strategy. (Because the government has nearly nothing to do with it)
Alberta voter data found on website of US company linked to Centurion Project
Paywalled, but good reporting.
Major streamers must pay 15% of revenues to Canadian content, CRTC says
A big jump over the previous 5% for the likes of Netflix, Apple, Amazon, and Spotify. Does not have a direct impact on cyber security, but this could have broader industry impacts depending on how the streaming platforms respond. This will likely caue the US to respond as well.
OpenMedia to SECU: Withdraw Bill C-22 or gut its surveillance provisions
Advocating against Bill C-22 - so hot right now
Canada Is Spending Billions on AI. Why Are Companies Still Fleeing?
It’s the usual Canadian story of difficulty moving from R&D and into commercialization and products.
Ford government freezes FOI requests amid controversy
Ontario government doesn’t want to be accountable, so it is stopping all access to information requests. It is just a matter of time before this leads to a massive document leak, as it is the natural consequence when the government doesn’t want the public to know what their government is doing.
Data of around 1,700 people potentially compromised in Canvas data breach, N.W.T. gov’t says
Some province-specific Canvas breach coverage. Someone with enough interest and time could probably estimate the number of people impacted by the province.
CAFCYBERCOM on the cyber front lines at Exercise BALIKATAN 41-26
I’ve seen some descriptions of CAFCYBERCOM’s participation as “live fire.” CAFCYBERCOM maintained the cyber range, according to the article, which is not a big surprise based on CAFCYBERCOM’s growing relationship with the Philippines over the last few years.
The person is accused of helping to develop and operate the Kimwolf botnet.
Officials warn thousands of Canadian devices tied to BadBox infections
Some Canadian-focused coverage of the BadBox botnet infection of IoT-connected devices.
LeoList Launches AI-Powered Anti-Fraud Measures to Strengthen Platform Safety
The Canadian Craigslist is introducing AI to combat fraud.
EY Canada takes down study after apparent AI hallucinations
Consultancies are in major panic mode right now as there is a belief that AI can replace consultants. This is something believed by the big consultancies themselves, yet they’re going to cause this to happen and show that many of the big consultancies are actually just intellectually and morally bankrupt.
Edmonton police team up with ‘ethical hackers’ to save cyber victims millions
You don’t often see news about ethical hackers/white hat hackers in Canada, so this is nice to see.
Canada injects millions into AI research program amid “global war” for talent
Canada is great at funding research but terrible at funding its commercialization.
Federal, Provincial and Territorial Ministers Convene First-Ever Red Tape Reduction Meeting
Something to keep watch on, unclear if this will actually produce any results or if it will be a big circle to congratulate themselves.
Ontario Restricting Government Use of Chinese-Made Drones
Increasingly performative as
Ontario Investing $5 Million to Help Small Businesses Adopt Digital Technologies
Despite being pretty bad at commercialization, they’re at least trying these days. There’s certainly a misunderstanding that additional funding is all that’s needed for commercialization, but progress is progress.
Canada–Spain artificial intelligence cooperation through new memorandum of understanding
Spectrum auction planned for 2027, specifically intending to support 5G and 6G.
Alberta ready to lead Canada’s defence sector
$21 million investment to grow Alberta’s defence industry, focusing on “advanced electronics and intelligent sensing; space and aerospace technologies; and next-generation uncrewed systems and platforms.”
Parliamentary Meetings
Senate National Security, Defence and Veterans Affairs
Bill C-8, An Act respecting cyber security, amending the Telecommunications Act and making consequential amendments to other Acts
May 25, 4:00 PM to 8:00 PM
House of Commons Committee on Public Safety and National Security
Bill C-22, An Act respecting lawful access
May 26, 3:30 to 7:30 PM
Canada-Relevant News
As many issues don’t respect borders, this section is for stories that impact Canada, but may not be Canadian-sourced or focused, to differentiate from the previous section, which is 100% focused on Canada.
GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension
Soon enough, GitHub will be a proxy war all cyber threat actors and states use.
Google Search as you know it is over
Google might be one of the worst search engines at this point.
FBI warns students and staff that ShinyHunters may come knocking after Canvas breach
This is US-focused, but this applies to Canadians affected as well. Just because they say they destroyed the data doesn’t mean they did.
Microsoft often doesn’t do the right thing, but props to them when they do.
Discord enables end-to-end encrypted voice and video calling for every user
Discord began as a gaming and online culture-focused platform, but it may increasingly be a better platform for enterprises if Discord plays its hand right.
GitHub confirms being hacked by TeamPCP, says customer data unaffected
“Customer data unaffected,” says GitHub. TeamPCP is selling the access for $50K, but will release it for free if no buyer is found. This is a pretty low cost, which makes me wonder about the actual utility.
GitHub confirms breach of 3,800 repos via malicious VSCode extension
A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale
Ongoing coverage of the above story and the ongoing attacks on open source.
Shadow AI invades the workplace, up 4x in the last year
Many individuals are using AI at work to improve efficiency. This is what businesses want, right? Well, it’s creating massive security holes and leaks. Given how poorly developed a lot of AI remains, this is the norm and will be for a long time.
Exclusive: Starbucks scraps AI inventory tool across North America
Anyone who is mildly informed on current trends and abilities of gen AI and LLMs would have seen this coming. Customers and employees are the alpha testers for most AI these days, which is why there are so many failures. The rush to deploy AI backfires more than it helps.
Microsoft to stop sending SMS codes for personal accounts
This is good. SMS codes are some of the most prone to phishing.
Cloudflare: Project Glasswing: what Mythos showed us
Cloudflare is making good use of Mythos
I recommend reading these two articles together:
How hackers leverage vulnerabilities is majorly in flux right now, but understanding these trends is a mix of statistics, but understanding that most threat actors are not going after 0days.
Canadian Cyber Threat Intelligence
While not all attacks are reported or receive media attention, any notable or open-source cyber attacks on Canadian organizations and any relevant cyber threat intelligence to Canada will be posted here. I only list the Canadian Centre for Cyber Security’s (CCCS) alerts here, not all advisories; follow the full feed here.
Grafana Labs Security Breach – Hackers Access GitHub and Download Codebase
Microsoft disrupts Fox Tempest malware-signing-as-a-service platform tied to ransomware gangs
Verizon: 2026 Data Breach Investigations Report (H/t Catalin Cimpanu)
Super interesting data from Verizon. Report says exploitation now greatly exceeds phishing and credential abuse as the primary entry vector. I feel this is some of the first concrete data that shows the rise in AI use by cyber threat actors.
Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation
Google publishes exploit code threatening millions of Chromium users
Red Hat security: Hardened, ready, and no cost: Container security evolved
Popular Linux distro Red Hat is making hardended images available at no additional cost. Part of an overall effort to improve Red Hat security.
Feature your business in Canadian Cyber in Context through sponsorship or advertising.
Research, Op-Eds, and Events
National Cybersecurity Consortium 2026 Conference
June 17-19, 2026 Montreal, Quebec
Barracuda Blog: Nightmare-Eclipse: six zero-days, six weeks and one big grudge
A profile on Nightmare-Eclipse, an alleged cyber threat actor with a “personal grievance” against Microsoft.
Another good breakdown of Bill C-22 from the great Michael Geist
Tech Vets Canada is partnering to provide free cybersecurity training and an opportunity for Canadian veterans to earn the BCIT Industrial Networking for Cybersecurity Professionals cert. Details in the screenshot below.
United States News
CISA Admin Leaked AWS GovCloud Keys on Github
This is a really bad one.
Senator presses CISA for answers about alleged GitHub repository leak
Anticipated executive order could give NSA a role in voluntary AI model testing
This would be an unusual role for the NSA, but not completely far-fetched. In the US, CISA and NSA are two different organizations. The comparable organization in Canada would be the Canadian Centre for Cyber Security (CCCS) and Communications Security Establishment (CSE), but CCCS is part of the CSE, so it would make a little more sense for Canada to do something like this through the CCCS.
How a government contest launched a revolution in AI-based bug hunting
Article on DARPA’s AI Cyber Challenge
FTC warns 12 major tech firms of violating Take It Down Act
Canada doesn’t have an equivalent of the Take It Down Act, but such cases do fall loosely under the existing criminal code, but the criminal code remains focused on non-tech based forms of nonconsensual image sharing.
Texas, Florida top list of states reporting millions of dollars lost through crypto ATMs
Data is increasingly showing that many crypto ATMs are used more often for scams than for legitimate use.
Law enforcement shuts down VPN service used by two dozen ransomware gangs
Lawmakers from both parties say CISA cuts have gone too far
CISA has been heavily politicized by the Republican party, so they’ve gutted the organization and has made things worse for the US government and people.
Eight Leading U.S. Communications Firms Form C2 ISAC to Strengthen Cybersecurity Collaboration
I’m honestly surprised this didn’t already exist. I was certain something existed like this for Canadian telecoms, but a quick search pulled up nothing.
Jury rules against Elon Musk in OpenAI lawsuit
lol
Kash Patel’s Apparel Site Is Trying To Trick Visitors Into Installing Malware
Due to a poor response from the website’s operators, it is unclear whether the website has been hijacked or if this is intentional. It is likely hijacked, but both options are just as likely considering who owns this website.
Meta settles school district lawsuit claiming addictive design harmed students’ mental health
Unclear what the settlement is, buut the school was after millions to support a centre to help address social media and mental health amongst teens.
CISA to allow researchers to report vulnerabilities to exploited bugs catalog
Maritime Facility Cybersecurity Risk Assessment Bill
Bill 4564 would mandate cybersecurity risk assessments of software and hardware used in certain maritime facilities by the Coast Guard.
Foreign Partner Procurement of U.S.-Origin Cyber and Digital Technologies Bill
Bill 4570 aims to incentivize, streamline, and sustain United States foreign government partner procurement of United States-origin cyber and digital technologies.
7-Eleven confirms data breach claimed by the ShinyHunters gang
Joint Statement of the Fourth Canada–Baltics “3+1” Foreign Ministers’ Meeting
“They agreed to fully leverage CETA to deepen trade and investment ties in critical sectors such as defence, energy and information and communications technologies.”
United Kingdom and European Union News
Huawei zero-day attack behind last year’s crash of Luxembourg’s entire telecoms network
No CVE identifier and flaw hasn’t been disclosed. I feel like it’s even a bit unclear if the zero-day has actually been resolved. Article highlights Huawei’s lack of public disclosure of vulnerabilities, which I would suspect is in part as a result of China’s zero-day disclosure laws.
UK regulator to require tech firms to tackle deepfakes, non-consensual intimate images
Good.
Draft European Commission guidelines on the classification of high-risk AI systems
These are guidelines in accordance with Article 6(5) of the EU AI Act.
UK plans for cybercrime law reform would protect almost no one, experts warn
These reform plans are a bit laughable and suggest that the people authoring them need some subject-matter experts to help.
The EU Is Going Through a Trump-Fueled Breakup With Big Tech
I am pretty jealous of many of the EU's actions of late. The new risks of using American technology mean we must diversify.
Xi and Putin pledge closer cooperation on AI, cyberspace and satellite systems
Modern defence-level cooperation between Russia and China go back decades, but it is not known if there has been any cooperation between the two in cyber. Russia is trying to build their own Great Firewall, so they would have a lot to learn from China.
Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets
Belarus APT is targeting Ukraine again.
Farage under mounting pressure to prove Russian hack claim
The far-right sure loves to take money from Russia and lying about it.
Other International News
201 arrests in first-of-its-kind cybercrime operation in MENA region
Pakistani Government Agencies Allegedly Targeted in Multi-Department Personnel Database Leak
Hackers breach two Vietnamese ministerial systems in major cyberattack
China’s mass surveillance of visting foreigners:
Canada Buys Watch
I am still building out my monitoring, but I plan to post more Canadian cyber-related procurements here in the future. The focus will initially be DND/CAF, but will expand once I am happy my monitoring workflow is sufficient for DND/CAF.
Security Control Centre IT Modernization Project
Royal Military College is looking for a replacement OT software-as-a-service solution.
Closes June 19
1x Network Support Specialist Level 2 For Canadian joint Warfare Centre (CJWC) - JCIS CFXNET
Closes June 10
TBIPS - Business Systems Analyst (Level 3) and Business Transformation Architect (Level 3)
It looks like the Vice Chief of the Defence Staff appears to be preparing for a major IT modernization, citing PDC2 as an important basis for this.
Closes June 8
RFP - Repair and Overhaul for Strategic Deployable Terminals
Satellite Communications (SATCOM) SDT terminals
Closes June 30
RFI-WORLDWIDE SATELLITE COMMUNICATIONS – PROTECTED MILSATCOM TACTICAL (WSC-PMT) PROJECT
Defence Investment Agency (DIA) is requesting Industry information and feedback regarding the Worldwide Satellite Communications Protected Military Satellite Communications (MILSATCOM) Tactical (WSC-PMT) Project.
Last updated May 19. Closes July 29
Thank you for another great informative article. So, regarding AI data centres acquisition by American firms, where is Evan Solomon or any federal employee flagging these concerning trends. It appears to go against the intent of PM Carney’s statements of digital, cloud, other sovereignty.
And how can the feds fund similar data centres acquisition development in Alberta?
Given the typical Canadian track record of domestic support for domestic industries; let me guess. They’ll pour significant funds into same, success will be met and then oops! An American firm bought it. Good bye, funds.
On another matter, I pray the feds retain a large (or at least an influential voice) portion of the commercialization of the Canadian Photonics Laboratory.