The Weekly New Rewire is a survey of cyber or adjacent news stories that I read this past week (or recently). Please leave a comment if you think I missed anything.

Leave a comment

Editor Notes:

• I have two new papers out with the Canadian Global Affairs Institute:

  • Following the Digital Snail’s Trail: The Short History of Canadian Armed Forces Cyber Operations

  • Everything You Should Know About CAF Cyber Command

• Go sign Tanya Janca’s Secure-Coding Petition!

  • The article is finally out and can be read here.

• Microsoft invited me and other academics, privacy experts, and various business/tech/thought leaders to try to convince us they’re good at protecting Canadian digital sovereignty. I trust them less now. New paper on this soon.

Feature your business in Canadian Cyber in Context through sponsorship.

Share

Canadian News

• A network of YouTube accounts is promoting U.S. annexation to Albertans, researchers say. It has 40M views

  • Dutch YouTube creators behind Alberta separatist videos getting millions of views

    • Some additional research and coverage by CBC

• Canada’s new US economic advisory committee draws backlash from tech leaders

  • This is not surprising. When you have Evan Solomon as your Minister for AI and Emerging Tech, it means you have a cabinet who is illinformed on emerging technology. You need those with knowledge about IP, emerging technology, data, and more. This cabinet has shown that it is illequipped to understand emerging technology and are relying heavily on the bureaucracy, which can only do so much without political leadership.

• Kevin O’Leary pins water licence for $70-billion data centre project on a small Alberta municipality

  • Canadian con-man continues to grift Alberta and Canada. Also, water is wet. The municipality declared an agricultural emergency in 2025, so there is a risk they will be unable to secure water rights.

• Surveillance vendors caught abusing access to telcos to track people’s phone locations, researchers say

  • This is coverage of University of Toronto’s Citizen Lab report. Telcos have been abused for a long time and Canadian telcos are not immune to this.

• New IDEaS Challenges:

  • Multi-modal AI for advanced situational decisions

  • Cognition and trust: Real-time dynamic calibration for human-autonomy teams

  • For those unfamiliar, Innovation for Defence Excellence and Security (IDEaS)

  • Rather than force you into initial lower level funding as a gate to higher level funding, IDEaS is now allowing you to apply to greater levels of funding based on the TRL of the solution..

• Cohere to acquire Germany’s Aleph Alpha in sovereign AI play

  • Major news in Canada, and likely Germany. Cohere has been a Canadian AI darling, building organization-specific tools and LLMs, of which I have generally heard positive things. And at the very least I haven’t heard anything negative.

  • This is being described as a merger, but Cohere is coming out with a bigger edge here and sources tell Betakit that Cohere is buying Alph Alpha, so it is not a merger at all. They are likely playing up the merger angle to keep EU and German regulators and shareholders happy. While there are obvious mercantalist concerns about the Canadian-ness or German-ness of the company as nationalism and sovereignty in commerce continue to rise, this could be a significant boon for Canada and the EU to counter the dominance of US-based AI companies.

• BDC’s new $500-million loan program will help smaller businesses adopt AI

  • “$500-million LIFT initiative (which stands for “Lead with Innovation and Focus on Technology”) connects SMEs with consultants who will help them figure out where AI can best be integrated into their businesses, then provides a loan to get it done.”

  • Sounds like a big cash grab for consultants.

• Cybersecurity incident at Canada Life reportedly impacts thousands

  • As I highlighted last week, a cybersecurity incident at Canada Life is now making Canadian news.

• Data portability and interoperability are key to competition in the digital health care sector

  • These are remarks by Brad Callaghan, Associate Deputy Commissioner of the Policy, Planning and Advocacy Directorate before the Senate Standing Committee on Social Affairs, Science and Technology

• 369 Global Launches The Canadian Centre for Cyber Defence to Strengthen Canada’s Digital Security Posture

  • A non-profit launched by a consulting group to function as a “cybersecurity innovation hub.” The website is full of buzzword bingo, but I remain optimistic about what they intend to accomplish if they are genuine. I’m also not a fan of them specifically taking a name so similar to the government’s Canadian Centre for Cyber Security.

• Toronto police make arrests in text-message cyberattack, 13M disruptions reported

  • I’m actually a bit surprised this is the first time. SMS blasting is a pretty low-level, easy thing to do, but it’s also pretty easy to get caught in most cases.

• Canadian Armed Forces to conduct inaugural active participation in Exercise BALIKATAN

  • United States- and Philippines-led exercise in which CAF Cyber Command will participate.

• Bring military, spy agencies under federal whistleblower law, review report urges

  • There are certain reporting gaps, especially related to CAFCYBERCOM.

• Bill C-22: An Act respecting lawful access - Charter Statement

  • Government releases charter statement regarding Bill C-22. They’re glossing over a lot of issues with this and many privacy experts are not happy.

• Avi Lewis is smart to shed light on surveillance pricing

  • This is an opinion article, but as I have not included anything on the surveillance pricing discussions so far, I felt this was a good introduction.

• OpenAI’s Altman ‘deeply sorry’ company didn’t flag Tumbler Ridge shooter’s messages to police

  • Wrote in a letter, which feels very disingenuine.

• Checking out the political optics of Bell’s AI data centre near Regina

  • The project has a lot of political support, but the community support appears unclear.

• Manitoba to ban social media, AI chatbots for youth, premier says

  • All actors involved are trying to pass the buck on actually managing such bans that inadequate systems are put in place and the average person will lose their privacy.

• Government of Canada invests $23.8 million to help youth build the skills necessary for the evolving digital economy

  • A few similar programs have ended in the last few years, so it is good there is new funding.

• Government of Canada investing in Winnipeg industry to strengthen Canada’s defence capacity

  • Part of this funding goes to StandardAero, which is “[integrating] advanced digital technologies.”

• Government of Canada strengthening our economy and military readiness through new defence investments in Saskatchewan

  • Includes funding for Saskatchewan Polytechnic’s Digital Integration Centre of Excellence.

• Government of Canada invests $976,650 to help more Northern Ontario business diversify and expand into the defence sector

  • Looks like at least some of this is going towards cybersecurity.

• Backgrounder: CanNor invests in projects to strengthen Nunavut’s economy, infrastructure and Arctic security

  • Some of the funding is going to support the Kivalliq Hydro-Fibre Link.

• Locked Shields 2026: 41 Nations Strengthen Cyber Resilience in World’s Biggest Exercise

  • Canada participated in NATO cyber exercise Locked Shields.

Canada-Relevant News

As many issues don’t respect borders, this section is for stories that impact Canada, but may not be Canadian-sourced or focused, to differentiate from the previous section, which is 100% focused on Canada

• Cloud platform Vercel says company breached through third-party AI tool

  • An employee’s use of compromised context.ai that allowed the threat actor to access Vercel via the employee’s google workspace account. This appears to be significant enough to warrant inclusion in this section.

• We translated the Palantir manifesto for actual human beings

  • A good breakdown of Palantir’s fascist manifesto. Palantir operates in Canada, and Canadians should be careful.

• Anthropic secretly installs spyware when you install Claude Desktop

• How Amazon’s AI Algorithms Raise the Prices You Pay

• Your period tracking app has been yapping about your flow to Meta

  • The sharing of women’s health data via apps like this has been going on for years now, so this is an evolution of it to show how major corporations are involved in accessing and hoarding your data.

• Exclusive: SpaceX says unproven AI space data centers may not be commercially viable, filing shows

  • Anyone with a cursory understanding could tell you this. Stop listening to these people who are just perpetually scamming everyone.

• New Gas-Powered Data Centers Could Emit More Greenhouse Gases Than Entire Nations

  • All the work that went into power efficiencies in data centres is going out the window.

• Meta Is Sued Over Scam Ads on Facebook and Instagram

  • Canadians should pay attention to this. It is unclear if Canadians have also been targeted for this from the article itself, but Canadians are often also exposed to the same scams as Americans and could potentially make Meta liable in Canada.

Canadian Cyber Threat Intelligence

While not all attacks are reported or receive media attention, any notable or open-source cyber attacks on Canadian organizations and any relevant cyber threat intelligence to Canada will be posted here. I only list the Canadian Centre for Cyber Security’s (CCCS) alerts here, not all advisories; follow the full feed here.

• Alert - AL25-012 - Vulnerabilities impacting Cisco ASA and FTD devices – CVE-2025-20333, CVE-2025-20362 and CVE-2025-20363 – Update 1

• The Internet Changes Before the Advisory Drops (h/t Catalin Cimpanu)

  • Mass-interenet scanning activity now often precedes vulnerability disclosures. This is not a big surprise, but some great data to confirm these indicators.

• Detection strategies across cloud and identities against infiltrating IT workers

  • These days we instantly think North Korea, but

Have your business and logo featured in Canadian Cyber in Context with a sponsorship.

Share

Research, Op-Eds, and Events

• Newly Deciphered Sabotage Malware May Have Targeted Iran’s Nuclear Program—and Predates Stuxnet

  • For cyber conflict historians and analysts this is major news. Gives some additional insight into early/mid-2000s doctrinal and behavioural dynamics of US cyber operations.

  • Full write up here by SentinelLabs

• Op-ed: We can’t trust Palantir with our NHS data

  • Palantir just said it doesn’t want democracy, so can they be trusted in a democracy?

• Citizen Lab Research: Bad Connection: Uncovering Global Telecom Exploitation by Covert Surveillance Actors

• Event, May 4-5 Ottawa: Chips North Executive Summit

  • “Designed as a working summit, CHIPS NORTH is built for alignment on priorities, candid examination of trade-offs, and informed decision-making on the issues shaping the semiconductor sector. The 2026 program brings together strategic plenary sessions and focused, action-oriented discussions to move conversations toward real-world outcomes beyond the event itself.”

• Video: Canadian Defence Procurement 101

  • Roger Cybersecure Catalyst held a Defence Procurement 101 session with Caleb Walker from 123 Cyber and Randy Purse, one of the Catalyst’s senior traners. This has a focus on helping SMEs, particularly cyber or cyber-adjacent, to participate in defence procurement.

• Seeing the Cyber in Economic Statecraft

  • By Jason Blessing, who does great research and whose PhD research influenced mine. A state’s ability to engage in cyber statecraft and cyber defence requires an industry which can support it.

United States News

• Former FBI official proposes terror designations for ransomware hackers targeting hospitals

• Scoop: CISA lacks access to Anthropic’s Mythos

• Cyber Command carried out over 8,000 missions in 2025, director says

  • This is a 25% increase.

• CISA director pick Sean Plankey withdraws his nomination

  • Of all the nominations to oppose and stall, this is the one? CISA is an absolute and complete mess and has lost most of its talent and is barely functional from what I hear.

• US Space Command: Russia is now operationalizing co-orbital ASAT weapons

• US State Department Cancels Visas and Green Cards of Researchers who study Social Media Platforms and Tech Regulators

• Florida Man Working as a Ransomware Negotiator Pleads Guilty to Conspiracy to Deploy Ransomware and Extort U.S. Victims

  • There are increasing amount of negotiators being linked to criminals. Or at least more are being identified.

• A Prominent PR Firm Is Running a Fake News Site That’s Plagiarizing Original Journalism at Incredible Scale

  • This has been occurring for a couple years now, but the fact that major corporations and PR firms are actively trying to degrade our information environment should be a major cause for concern and lawsuits.

• Anthropic takes $5B from Amazon and pledges $100B in cloud spending in return

  • Tech ouroboros.

• Google to invest up to $40B in Anthropic in cash and compute

  • Tech ouroboros.

• Exclusive: Meta to start capturing employee mouse movements, keystrokes for AI training data

  • Meta continues to show how depraved it is.

• Pentagon grapples with securing AI as it moves toward autonomous warfare

  • Drones and AI are one massive attack vector if not handled correctly.

• FCC expands WiFi router ban. What it means for you.

  • US shakedown of router makers continues.

United Kingdom and European Union News

• UK intelligence: 100 nations have spyware that can hack Britain

  • This is the first source to comment on the scale of the issue that could likely be accurate. Researchers have known for a while this is a growing problem, but the scale has not been fully known.

• Investigation into the provider of Telegram and its compliance with duties to protect users from illegal content under the Online Safety Act 2023

  • Investigation into Telegram for allegedly hosting CSAM materials.

• China threatens EU firms over cybersecurity plans targeting Chinese companies

  • Country who legally requires all zero-days to be reported to the government have issues with countries not trusting their cybersecurity firms. China would be taken more seriously if it just acknowledged why people don’t trust them or its companies.

• Commission awards €180 million tender for sovereign cloud to four European providers

  • Canada is watching what Europe does very closely. I would say the EU’s cloud capacity is better than Canada’s, but there is significant potential in Canada.

• UK cyber agency handling four major incidents a week as nation-state attacks surge

  • This is pretty signficant.

• World-first NCSC-engineered device secures vulnerable display links

  • Cool new plug-and-play device that sits between a monitor and computer and protects from malicious connections.

• China’s cyber capabilities now equal to the US, warns Dutch intelligence

  • After completing my dissertation chapter on China last year I would argue that China’s capabilities likely surpass the United States. It all matters on how you measure cyber capabilities, and Dutch intelligence’s assessment is a cautious one.

• Ukraine’s Cyber Division Infiltrates Russian Military Satellite Comms “Gonets” in Multi-Year Breach

• President of German parliament hit by Signal hack, report says

• France confirms data breach at government agency that manages citizens’ IDs

  • “data stolen in the breach could include full names, dates and places of birth, mailing and email addresses, and phone numbers on an undisclosed number of citizens.”

• Italian regulator fines national postal service orgs $15 million for data privacy violations

• Another spyware maker caught distributing fake Android snooping apps

  • This time an Italian spyware maker.

• (Google Translated) A hacker, nicknamed “HexDex,” has been charged and imprisoned after several cyberattacks targeting, among others, sports federations.

  • Individual responsible for a string of cyber attacks in 2025 was arrested.

• Scotland Yard can keep using live facial recognition on people in London, say judges

Other International News

• Sri Lanka Finance Ministry confirms cyber hackers stole funds (H/t Catalin Cimpanu)

  • Threat actors stole $2.5 USD that was diverted during a foreign debt repayment.

• Hackers deployed wiper malware in destructive attacks on Venezuela’s energy sector

  • Criminal groups generally don’t use wiper malware. This is usually the action of a state/APT.

• (Iranian Source) Networking equipment mysteriously malfunctioned at Iranian nuclear site before US/Israeli Strikes (H/t Risky Business)

  • Not a big surprise if true. Iran is one of the most targeted countries for cyber operations by Israel and the United States.

Media of the Week

Have your business and logo featured in Canadian Cyber in Context with a sponsorship.

Share