The Weekly New Rewire is a survey of Canadian cyber or adjacent news stories from this past week (or recently). Please leave a comment if you think I missed anything.

Questions or Business inquiries: info@cyberincontext.ca

Editor Notes:

• I have two new articles out with the Canadian Global Affairs Institute:

  • Following the Digital Snail’s Trail: The Short History of Canadian Armed Forces Cyber Operations

  • Everything You Should Know About CAF Cyber Command

• I have received a hefty round of feedback on my PhD thesis, so I may be a tad quiet outside the weekly Rewires.

Leave a comment

Feature your business in Canadian Cyber in Context through sponsorship or advertising.

Share

Canadian News

• AI is knocking: Canada’s next productivity story

  • Missed this last week, but the Bank of Canada says it’s not seeing major impacts of AI on jobs… yet.

• Goldman Sachs to acquire Canadian data centre platform QScale

  • This should be a major red flag. This is bad for Canadian digital sovereignty.

• Cohere buys biopharma analytics firm Reliant AI

  • Cohere is on a big acquisition streak of late.

• More on Bill C-22:

  • Digital surveillance Bill C-22 threatens to drive tech firms out of Canada

    • The government’s approach to Bill C-22 is baffling. At this point, they’ve lost the PR battle and it doesn’t even matter if the tech companies and privacy advocates are right or wrong (they are correct), but going with the message that they’re all wrong when they all have the same message rings very hollow.

  • Canadians Value Encryption and Reject Key Surveillance Powers in Bill C-22

    • Brief on Bill C-22 by the Center for Democracy & Technology

• OpenAI partners with 1Password to secure coding agent Codex

  • This is a big win for Toronto-based 1Password.

• 8 people facing charges after cyber-enabled fraud targets federal COVID benefit: RCMP

  • From the Ottawa-Gatineau region and Montreal. Total fraud totalled $364K. The government has been going after absolutely everyone for COVID emergency benefits repayments. Doesn’t matter if you’re a poor, chronically ill student or committing major fraud; the government simply has not cared and has treated both the same.

• One in three Canadian firms hit by AI‑linked cyber incidents – QBE

  • This is both a result of AI being used as a vector of attack and used in attacks on businesses.

• Cyber Attribution Data Centre celebrates its first year at the University of New Brunswick

  • One of the few successful things from Canada’s latest National Cybersecurity Strategy. (Because the government has nearly nothing to do with it)

• Alberta voter data found on website of US company linked to Centurion Project

  • Paywalled, but good reporting.

• Major streamers must pay 15% of revenues to Canadian content, CRTC says

  • A big jump over the previous 5% for the likes of Netflix, Apple, Amazon, and Spotify. Does not have a direct impact on cyber security, but this could have broader industry impacts depending on how the streaming platforms respond. This will likely caue the US to respond as well.

• OpenMedia to SECU: Withdraw Bill C-22 or gut its surveillance provisions

  • Advocating against Bill C-22 - so hot right now

• Canada Is Spending Billions on AI. Why Are Companies Still Fleeing?

  • It’s the usual Canadian story of difficulty moving from R&D and into commercialization and products.

• Ford government freezes FOI requests amid controversy

  • Ontario government doesn’t want to be accountable, so it is stopping all access to information requests. It is just a matter of time before this leads to a massive document leak, as it is the natural consequence when the government doesn’t want the public to know what their government is doing.

• Data of around 1,700 people potentially compromised in Canvas data breach, N.W.T. gov’t says

  • Some province-specific Canvas breach coverage. Someone with enough interest and time could probably estimate the number of people impacted by the province.

• CAFCYBERCOM on the cyber front lines at Exercise BALIKATAN 41-26

  • I’ve seen some descriptions of CAFCYBERCOM’s participation as “live fire.” CAFCYBERCOM maintained the cyber range, according to the article, which is not a big surprise based on CAFCYBERCOM’s growing relationship with the Philippines over the last few years.

• Canadian, U.S. authorities charge Ottawa man in cybercrime operation that infected millions of devices

  • The person is accused of helping to develop and operate the Kimwolf botnet.

• Officials warn thousands of Canadian devices tied to BadBox infections

  • Some Canadian-focused coverage of the BadBox botnet infection of IoT-connected devices.

• LeoList Launches AI-Powered Anti-Fraud Measures to Strengthen Platform Safety

  • The Canadian Craigslist is introducing AI to combat fraud.

• EY Canada takes down study after apparent AI hallucinations

  • Consultancies are in major panic mode right now as there is a belief that AI can replace consultants. This is something believed by the big consultancies themselves, yet they’re going to cause this to happen and show that many of the big consultancies are actually just intellectually and morally bankrupt.

• Edmonton police team up with ‘ethical hackers’ to save cyber victims millions

  • You don’t often see news about ethical hackers/white hat hackers in Canada, so this is nice to see.

• Canada injects millions into AI research program amid “global war” for talent

  • Canada is great at funding research but terrible at funding its commercialization.

• Federal, Provincial and Territorial Ministers Convene First-Ever Red Tape Reduction Meeting

  • Something to keep watch on, unclear if this will actually produce any results or if it will be a big circle to congratulate themselves.

• Ontario Restricting Government Use of Chinese-Made Drones

  • Increasingly performative as

• Ontario Investing $5 Million to Help Small Businesses Adopt Digital Technologies

• Government of Canada announces support for artificial intelligence innovation and commercialization in Alberta

  • Despite being pretty bad at commercialization, they’re at least trying these days. There’s certainly a misunderstanding that additional funding is all that’s needed for commercialization, but progress is progress.

• Canada–Spain artificial intelligence cooperation through new memorandum of understanding

• Government of Canada announces support for artificial intelligence innovation and commercialization in Alberta

• Government of Canada advances wireless connectivity with additional spectrum to support 5G innovation and streamlined tower siting

  • Spectrum auction planned for 2027, specifically intending to support 5G and 6G.

• Alberta ready to lead Canada’s defence sector

  • $21 million investment to grow Alberta’s defence industry, focusing on “advanced electronics and intelligent sensing; space and aerospace technologies; and next-generation uncrewed systems and platforms.”

Parliamentary Meetings

• Senate National Security, Defence and Veterans Affairs

  • Bill C-8, An Act respecting cyber security, amending the Telecommunications Act and making consequential amendments to other Acts

  • May 25, 4:00 PM to 8:00 PM

• House of Commons Committee on Public Safety and National Security

  • Bill C-22, An Act respecting lawful access

  • May 26, 3:30 to 7:30 PM

Canada-Relevant News

As many issues don’t respect borders, this section is for stories that impact Canada, but may not be Canadian-sourced or focused, to differentiate from the previous section, which is 100% focused on Canada.

• GitHub Confirms Breach of Internal Repositories Via Malicious VS Code Extension

  • Soon enough, GitHub will be a proxy war all cyber threat actors and states use.

• Google Search as you know it is over

  • Google might be one of the worst search engines at this point.

• FBI warns students and staff that ShinyHunters may come knocking after Canvas breach

  • This is US-focused, but this applies to Canadians affected as well. Just because they say they destroyed the data doesn’t mean they did.

• Microsoft Took a Step Toward Human Rights Accountability. Google and Amazon (and Others) Should Pay Attention!

  • Microsoft often doesn’t do the right thing, but props to them when they do.

• Discord enables end-to-end encrypted voice and video calling for every user

  • Discord began as a gaming and online culture-focused platform, but it may increasingly be a better platform for enterprises if Discord plays its hand right.

• GitHub confirms being hacked by TeamPCP, says customer data unaffected

  • “Customer data unaffected,” says GitHub. TeamPCP is selling the access for $50K, but will release it for free if no buyer is found. This is a pretty low cost, which makes me wonder about the actual utility.

  • GitHub confirms breach of 3,800 repos via malicious VSCode extension

• A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

  • Ongoing coverage of the above story and the ongoing attacks on open source.

• Shadow AI invades the workplace, up 4x in the last year

  • Many individuals are using AI at work to improve efficiency. This is what businesses want, right? Well, it’s creating massive security holes and leaks. Given how poorly developed a lot of AI remains, this is the norm and will be for a long time.

• Exclusive: Starbucks scraps AI inventory tool across North America

  • Anyone who is mildly informed on current trends and abilities of gen AI and LLMs would have seen this coming. Customers and employees are the alpha testers for most AI these days, which is why there are so many failures. The rush to deploy AI backfires more than it helps.

• Microsoft to stop sending SMS codes for personal accounts

  • This is good. SMS codes are some of the most prone to phishing.

• Cloudflare: Project Glasswing: what Mythos showed us

  • Cloudflare is making good use of Mythos

• I recommend reading these two articles together:

  • How hackers leverage vulnerabilities is majorly in flux right now, but understanding these trends is a mix of statistics, but understanding that most threat actors are not going after 0days.

    • Fears of unfettered hacking spurred by Anthropic’s Mythos AI model overstated

    • Claude Mythos AI Finds 10,000 High-Severity Flaws in Widely Used Software

Canadian Cyber Threat Intelligence

While not all attacks are reported or receive media attention, any notable or open-source cyber attacks on Canadian organizations and any relevant cyber threat intelligence to Canada will be posted here. I only list the Canadian Centre for Cyber Security’s (CCCS) alerts here, not all advisories; follow the full feed here.

• Grafana Labs Security Breach – Hackers Access GitHub and Download Codebase

• Microsoft disrupts Fox Tempest malware-signing-as-a-service platform tied to ransomware gangs

• Verizon: 2026 Data Breach Investigations Report (H/t Catalin Cimpanu)

  • Super interesting data from Verizon. Report says exploitation now greatly exceeds phishing and credential abuse as the primary entry vector. I feel this is some of the first concrete data that shows the rise in AI use by cyber threat actors.

• Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation

• Google publishes exploit code threatening millions of Chromium users

• Red Hat security: Hardened, ready, and no cost: Container security evolved

  • Popular Linux distro Red Hat is making hardended images available at no additional cost. Part of an overall effort to improve Red Hat security.

Feature your business in Canadian Cyber in Context through sponsorship or advertising.

Share

Research, Op-Eds, and Events

• National Cybersecurity Consortium 2026 Conference

  • June 17-19, 2026 Montreal, Quebec

• Barracuda Blog: Nightmare-Eclipse: six zero-days, six weeks and one big grudge

  • A profile on Nightmare-Eclipse, an alleged cyber threat actor with a “personal grievance” against Microsoft.

• The Government Tries to Make the Case for Bill C-22: Why Its Own Use Cases Reveal Disproportionate Overreach

  • Another good breakdown of Bill C-22 from the great Michael Geist

• Tech Vets Canada is partnering to provide free cybersecurity training and an opportunity for Canadian veterans to earn the BCIT Industrial Networking for Cybersecurity Professionals cert. Details in the screenshot below.

  

United States News

• CISA Admin Leaked AWS GovCloud Keys on Github

  • This is a really bad one.

• Senator presses CISA for answers about alleged GitHub repository leak

• Anticipated executive order could give NSA a role in voluntary AI model testing

  • This would be an unusual role for the NSA, but not completely far-fetched. In the US, CISA and NSA are two different organizations. The comparable organization in Canada would be the Canadian Centre for Cyber Security (CCCS) and Communications Security Establishment (CSE), but CCCS is part of the CSE, so it would make a little more sense for Canada to do something like this through the CCCS.

• How a government contest launched a revolution in AI-based bug hunting

  • Article on DARPA’s AI Cyber Challenge

• FTC warns 12 major tech firms of violating Take It Down Act

  • Canada doesn’t have an equivalent of the Take It Down Act, but such cases do fall loosely under the existing criminal code, but the criminal code remains focused on non-tech based forms of nonconsensual image sharing.

• Texas, Florida top list of states reporting millions of dollars lost through crypto ATMs

  • Data is increasingly showing that many crypto ATMs are used more often for scams than for legitimate use.

• Law enforcement shuts down VPN service used by two dozen ransomware gangs

• Lawmakers from both parties say CISA cuts have gone too far

  • CISA has been heavily politicized by the Republican party, so they’ve gutted the organization and has made things worse for the US government and people.

• Eight Leading U.S. Communications Firms Form C2 ISAC to Strengthen Cybersecurity Collaboration

  • I’m honestly surprised this didn’t already exist. I was certain something existed like this for Canadian telecoms, but a quick search pulled up nothing.

• Jury rules against Elon Musk in OpenAI lawsuit

  • lol

• Kash Patel’s Apparel Site Is Trying To Trick Visitors Into Installing Malware

  • Due to a poor response from the website’s operators, it is unclear whether the website has been hijacked or if this is intentional. It is likely hijacked, but both options are just as likely considering who owns this website.

• Meta settles school district lawsuit claiming addictive design harmed students’ mental health

  • Unclear what the settlement is, buut the school was after millions to support a centre to help address social media and mental health amongst teens.

• CISA to allow researchers to report vulnerabilities to exploited bugs catalog

• Maritime Facility Cybersecurity Risk Assessment Bill

  • Bill 4564 would mandate cybersecurity risk assessments of software and hardware used in certain maritime facilities by the Coast Guard.

• Foreign Partner Procurement of U.S.-Origin Cyber and Digital Technologies Bill

  • Bill 4570 aims to incentivize, streamline, and sustain United States foreign government partner procurement of United States-origin cyber and digital technologies.

• 7-Eleven confirms data breach claimed by the ShinyHunters gang

• Joint Statement of the Fourth Canada–Baltics “3+1” Foreign Ministers’ Meeting

  • “They agreed to fully leverage CETA to deepen trade and investment ties in critical sectors such as defence, energy and information and communications technologies.”

United Kingdom and European Union News

• Huawei zero-day attack behind last year’s crash of Luxembourg’s entire telecoms network

  • No CVE identifier and flaw hasn’t been disclosed. I feel like it’s even a bit unclear if the zero-day has actually been resolved. Article highlights Huawei’s lack of public disclosure of vulnerabilities, which I would suspect is in part as a result of China’s zero-day disclosure laws.

• UK regulator to require tech firms to tackle deepfakes, non-consensual intimate images

  • Good.

• Draft European Commission guidelines on the classification of high-risk AI systems

  • These are guidelines in accordance with Article 6(5) of the EU AI Act.

• UK plans for cybercrime law reform would protect almost no one, experts warn

  • These reform plans are a bit laughable and suggest that the people authoring them need some subject-matter experts to help.

• The EU Is Going Through a Trump-Fueled Breakup With Big Tech

  • I am pretty jealous of many of the EU's actions of late. The new risks of using American technology mean we must diversify.

• Xi and Putin pledge closer cooperation on AI, cyberspace and satellite systems

  • Modern defence-level cooperation between Russia and China go back decades, but it is not known if there has been any cooperation between the two in cyber. Russia is trying to build their own Great Firewall, so they would have a lot to learn from China.

• Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets

  • Belarus APT is targeting Ukraine again.

• Farage under mounting pressure to prove Russian hack claim

  • The far-right sure loves to take money from Russia and lying about it.

Other International News

• Microsoft’s massive Kenya AI data center would require switching off ‘half the country’ to meet power requirements, government says — $1 billion project stalls over capacity disagreements and lack of infrastructure (h/t Catalin Cimpanu)

• 201 arrests in first-of-its-kind cybercrime operation in MENA region

• Pakistani Government Agencies Allegedly Targeted in Multi-Department Personnel Database Leak

• Hackers breach two Vietnamese ministerial systems in major cyberattack

• China’s mass surveillance of visting foreigners:

  NetAskari

  Sharp Eyes: Mass surveillance of foreigners in China - Part 1

  In our line of work, you have to be lucky sometimes. In a previous post we explained how unsecured and forgotten dashboard and web pages can reveal a lot about China's security and surveillance system. Now, we can reveal a much more detailed insight into how such a system could look like in real life…

  Read more

  6 days ago · 71 likes · 3 comments · NetAskari

NetAskari

Sharp Eyes: Mass surveillance of foreigners in China - Part 2

In our initial report in PART 1 (we recommend to read if you haven't), we dissected a rather interesting dashboard, that illustrated a tracking and surveillance system tailored for the Ministry of Public Security in the prefecture Zhangjiakou. It is labeled as ‘Dynamic Control Platform for Overseas Personnel’ (DCPOP…

Read more

22 minutes ago · 1 like · NetAskari

Canada Buys Watch

I am still building out my monitoring, but I plan to post more Canadian cyber-related procurements here in the future. The focus will initially be DND/CAF, but will expand once I am happy my monitoring workflow is sufficient for DND/CAF.

• Security Control Centre IT Modernization Project

  • Royal Military College is looking for a replacement OT software-as-a-service solution.

  • Closes June 19

• 1x Network Support Specialist Level 2 For Canadian joint Warfare Centre (CJWC) - JCIS CFXNET

  • Closes June 10

• TBIPS - Business Systems Analyst (Level 3) and Business Transformation Architect (Level 3)

  • It looks like the Vice Chief of the Defence Staff appears to be preparing for a major IT modernization, citing PDC2 as an important basis for this.

  • Closes June 8

• RFP - Repair and Overhaul for Strategic Deployable Terminals

  • Satellite Communications (SATCOM) SDT terminals

  • Closes June 30

• RFI-WORLDWIDE SATELLITE COMMUNICATIONS – PROTECTED MILSATCOM TACTICAL (WSC-PMT) PROJECT

  • Defence Investment Agency (DIA) is requesting Industry information and feedback regarding the Worldwide Satellite Communications Protected Military Satellite Communications (MILSATCOM) Tactical (WSC-PMT) Project.

  • Last updated May 19. Closes July 29

Feature your business in Canadian Cyber in Context through sponsorship or advertising.

Share