The Canadian Cyber News Rewire is a survey of Canadian cyber or adjacent news stories from this past week (or recently). Please leave a comment if you think I missed anything.

Questions or Business inquiries: info@cyberincontext.ca

Editor Notes:

• I have two new articles out with the Canadian Global Affairs Institute:

  • Following the Digital Snail’s Trail: The Short History of Canadian Armed Forces Cyber Operations

  • Everything You Should Know About CAF Cyber Command

• I have received a hefty round of feedback on my PhD thesis, so I may be a tad quiet outside the weekly Rewires.

Feature your business in Canadian Cyber in Context through sponsorship or advertising.

Share

Leave a comment

Canadian News

• Ottawa wants CPP investments in ‘sovereign’ AI, but some wonder if it’s even safe (Paywalled)

  • Minister of AI and Digital Innovation should be renamed to Minister for Marketing.

• Trump Wants to Tap Your Phone. Ottawa Might Let Him

  • From what I have heard, the negotiations for cross-border sharing under the US CLOUD Act have been put on pause, but there have been next to no active disclosures by the Canadian government about this so it’s good to be cautious and warn the government about what could happen if they continue them.

• The Canadians Tied to a Russian Influence Scandal Are Back

  • Common theme lately: Far-right extremist influencers love to take Russian money.

• Inside the black box reshaping Canada’s benefits system

  • Great article. This is happening across the government. Amid all the major layoffs across government, they’re specifically looking to AI to make up for those losses.

• Attorney-General’s Department contacted Australian Cyber Security Centre when notified of court privacy breach

  • Litigants in at least 146 court matters were potentially involved in a data breach that is now the subject of a formal complaint with the privacy commissioner in Canada, Senate estimates has been told.

  • Canadian court transcription service VIQ Solutions is involved in a major privacy breach.

• Lastwall raises $16 million to defend critical infrastructure in cyberspace

  • Lastwall is a great Canadian company. With this announcement, they are also hiring.

• BDC backs quantum and cybersecurity firms to strengthen Canada’s defence capability

  • There is massive potential in Canada’s cyber and quantum industries.

• Latest Canadian Army Today

  • The latest Canadian Army Today is out, which includes an article on CloudTAK, which is a great tactical cloud project that I was told about a year or two ago that I’ve been watching closely and great to see it doing so well.

• Canada’s early-stage investment gap “now a sovereignty issue,” BDC says

  • I hate to agree, but companies continue to go to the US in search of investment so we must look for ways to keep them in Canada.

• Ottawa’s latest deal with U.S. data giant Palantir raises warnings

  • Anything Palantir touches cannot be guaranteed to be secure and private. The funny thing about Palantir is that they’re really nothing special. They were just some of the first to make use of big and open-source data for defence and security purposes. They’re way overpriced for what any data analytics firm specializing in security and defence could do.

  • Also, for any journalists working on federal deals with Palantir: Continue digging, there is more that is not public yet.

• Canada’s deal with U.S. data giant Palantir is ‘legitimate,’ defence minister says

  • Keep in mind that McGuinty is very much a talking head and doesn’t think for himself often. This is a farcical response and should be treated with contempt and ridicule. Palantir simply cannot be trusted with the data. In addition, they’re pretty mediocre for a company whose product isn’t special, and any defence/security specializing data analytics firm could do the same.

• Got Questions About AI Data Centres in Vancouver? Here Are Answers

  • A nice breakdown of a lot of the basic 101 of data centres, specifically focused on Vancouver in light of the announcements of new data centres in BC.

• TeleMiracle donors could be part of recent data leak

• AI Chatbots Are Coming to BC Classrooms

  • Microsoft will be providing

• The Internet Has Become Too American to Trust

  • Gets at the heart of what happens when your closest ally and friend can no longer be trusted?

• Charity leaves online safety coalition before announcing Google deal

  • “Boys and Girls Club gets $1.4 million deal with Google soon after leaving advocacy group”

• Canadian crypto platform has rebranded after record fine, analysts say

• Canadian military to send warships, aircraft and 800 personnel to U.S. RIMPAC exercise

  • A “fleet cyber protection group” will be attending, but I would not be surprised if there is a larger CAFCYBERCOM commitment as the Pacific is a big area for partnership building for CAFCYBERCOM right now.

• Ericsson and Government of Canada to build first-of-Its-kind 5G innovation network for defence and public safety

  • Creating the Advanced Wireless Communications Innovation Network (AWIN), a “a groundbreaking platform aimed at advancing public safety, security, and defence systems through next-generation wireless technology.”

• ‘Cybersecurity is not going away,’ says defence advisor

• WonderFi clears final regulatory hurdle to be acquired by Robinhood

  • More news on Canadian corporations being bought by Americans.

• ‘Exercise the utmost caution’: Zara warns customers after possible data breach

• Backgrounder: Canada is strengthening defence, sovereignty, and industrial capacity through investments and partnerships

  • Some big announcements this past week at CANSEC, Canada’s largest defence trade show. There isn’t much directly on cyber, but there is a lot that will impact cyber. Some highlights include Industrial and Technological Benefits Modernization, accelerating and supporting innovation initiatives, creating a Defence Advisory Forum, and more.

• Government of Canada advances investments for Canadians through Supplementary Estimates (A), 2026–27

  • Including $2.8 million for the Vehicle Cyber Security Strategy

• Canadian government spent tens of millions on secret Palantir contract

  • Approximately $44.4 million spent as of October 2025. The focus is on an “elite unit of the military” which we can assume is for JTF2/SOFCOM, but I continue to hear that Palantir is used elsewhere in the government as well.

• Calian and Cohere Partner to Bring Sovereign AI to Defence Industry

  • Honestly surprised more defence companies aren’t rushing to partner with Cohere.

• Ontario Unveils Framework for Defence Industrial Strategy

  • Cybersecurity is recognized/included under this strategy, which is increasingly common to include in broader defence industrial strategies. This makes sense and should happen. However, I fear that cybersecurity will be too closely tied to defence and treated the same, rather than as distinct needs.

• Canada advances priorities on artificial intelligence, quantum technologies and digital innovation at the 2026 G7 Digital Ministers’ Meeting

  • Joint Statement of the Department of Industry, representing the Government of Canada, and the Delegate Ministry for AI and Digital Affairs of the French Republic on Cooperation in Quantum Science and Technologies

• Digital G7 reaches limited deal on child protection, AI energy impact

  • Some good and some bad out of this. A lot of privacy is coming to an end as they “agreed to recognize “a set of principles” to protect children online, notably through “age verification, protection of minors from the design stage of digital services””

• Government of Canada accelerates homegrown AI innovation across Greater Toronto Area

  • Approximately $16.5 million for 13 businesses focuses on AI

  • Includes: Cosm Medical, DMD Building Systems, Edgecom Energy, Future Fertility, Naryant, Private AI (o/a Limina), MarkiTech, MinuteBox, ProteinQure, Stratosphere Technology (o/a Fiscal.ai), Trax.GD Corp (o/a Trax), Vector Institute and VisFuture.

• CRTC’s new rules are one small step for Canadian content, one big blow for Canadian trade

• Canadian Sentenced in D.C. to 33 Years in Sextortion Scheme that Targeted 145 Children in the U.S.

  • Canadian in the US sentenced in sextortion of children.

• In AI era, Canada must protect its critical defence data: Senator Hay

  • Senator Katherine Hay with an opinion article in SenCA+ Magazine.

Bill C-22 Coverage

• Apple, Google blast Canada’s plan to expand police data powers

  • The only people who are speaking favourably about Bill C-22 are the government and the police. That should be telling.

• Committee studying lawful access bill urged to protect encryption, balance privacy with police needs

  • General coverage of concerns surrounding Bill C-22.

• Statement by the Privacy Commissioner of Canada to the House of Commons Standing Committee on Public Safety and National Security on Bill C-22

• Liberals to amend police data interception bill following searing criticism

  • After spending countless hours and energy saying everyone else is wrong, liberals finally relent and agree to changes that literally everyone is complaining about, except the police.

  • It is unclear what the amendments will specifically be at this point, but it seems they want to ensure there is language protecting encryption. Some hints they may address the metadata concerns, but we’ll wait and see what they release.

Parliamentary News & Upcoming Meetings

This section includes any House of Commons and Senate meetings that are potentially relevant to Canadian cyber.

• Senate Committee on National Security, Defence and Veterans Affairs

  • June 1, 4:00 PM to 6:00 PM

    • Meeting Notice: Bill C-8, An Act respecting cyber security, amending the Telecommunications Act and making consequential amendments to other Acts

• House of Commons Committee on Industry and Technology

  • June 1, 3:30 PM to 5:30 PM

    • Meeting Notice: Opportunities, Risks, and Regulation of AI in Canada’s Strategic Industries

• House of Commons Committee on Science and Research

  • June 1, 3:30 PM to 6:00 PM

    • Meeting Notice: Canada’s Dual Use and Defence Research Needs

• Senate Committee on Social Affairs, Science and Technology

  • June 3, 4:15 PM

    • Meeting Notice: Examine and report on matters related to the impact of artificial intelligence in Canada

  • June 4, 10:30 AM

    • Meeting Notice: Examine and report on matters related to the impact of artificial intelligence in Canada

Canada-Relevant News

As many issues don’t respect borders, this section is for stories that impact Canada, but may not be Canadian-sourced or focused, to differentiate from the previous section, which is 100% focused on Canada.

• In his first encyclical, Pope Leo XIV says AI must serve humanity, not the powerful few

  • Inside the unlikely Vatican-Anthropic relationship that’s reshaping the AI ethics debate

• OnlyFans mega leak reveals 340M user records, hackers claim

  • Onlyfans and others are claiming it is false.

• Oura says it gets government demands for user data. Will it share how many?

• IRGC-linked Nimbus Manticore group attacks defense, aerospace, telecom sectors using Minifast malware toolkit

  • Canadians are not specifically listed being targeted, but Canada is often wrapped up

• ‘Lazy’ narrative to connect AI to job cuts, says Nvidia boss Jensen Huang

  • Jensen Huang is a coward. Huang and every other AI evangelist proclaims that this will replace labour and do the job for others, but then refuse to take blame for these impacts. If you give a match to an arsonist, you can’t be shocked that you find fire when you turn your back.

• Microsoft under fire for threatening security researcher with criminal investigation

• Meta legal action forces Facebook whistleblower to sit in silence at Hay festival

• Champion ethical hacker warns AI tools like Mythos will make competing harder

  • This is important because even as AI takes over a lot of the vulnerability discovery industry, they cannot make up for actual skilled hackers. However, this will deny hackers training and career advancement pathways.

Canadian Cyber Threat Intelligence

While not all attacks are reported or receive media attention, any notable or open-source cyber attacks on Canadian organizations and any relevant cyber threat intelligence to Canada will be posted here. I only list the Canadian Centre for Cyber Security’s (CCCS) alerts here, not all advisories; follow the full feed here.

• MITRE moves Caldera cybersecurity platform to Apache Foundation for broader open-source collaboration

• FBI warns extortion hackers are visiting US law firms to steal data

  • Trends in the US usually get mirrored in Canada

• Protecting Cookies with Device Bound Session Credentials

  • Cool new security feature in Chrome.

• Websites have a new way to spy on visitors: Analyzing their SSD activity

  • A crazy potential side channel attack that is done by measuring SSD timing.

• The practice of cyber-threat intelligence in organizations: A socio-technical case study of a mature financial organization (H/T CTO @ NCSC)

  • Interesting article in Computers & Security journal

• Microsoft Authenticator App Details now exposed in Entra SignInLogs

Feature your business in Canadian Cyber in Context through sponsorship or advertising.

Share

Research, Op-Eds, and Events

• National Cybersecurity Consortium 2026 Conference

  • June 17-19, 2026 Montreal, Quebec

• Tech Vets Canada is partnering to provide free cybersecurity training and an opportunity for Canadian veterans to earn the BCIT Industrial Networking for Cybersecurity Professionals cert. Details in the screenshot below.

  

• Digital sovereignty stack: Infrastructure, services, data, and AI knowledge

  • An older article from March, but is a great read and argues that the United States, China, and North Korea are the only countries with digital sovereignty.

• Microsoft’s stance on zero day exploits is a dumpster fire of their own making

  • Microsoft is eroding what little trust it has with the information security community.

United States News

• US Law Enforcement Warns of ‘Anti-Tech Extremism’ as AI Hatred Grows

  • Canada is experiencing this too, but Canadians thus far feel more heard than Americans, but that could change.

• Trump hobbled top cyber agency just as AI learned to hack

  • CISA is a shell of its former self and barely functional.

• Rudd orders Cyber Command reviews as Pentagon presses reform agenda

  • MITRE is conducting this study, which should provide some very interesting and good results. Going with a non-traditional defence company was 100% the play and great.

• Exclusive: Pentagon says US military personnel are reportedly being targeted using location data

  • '“Wyden said in a statement that it ​was time to ‘start treating the adtech industry as a national security threat.’” The United States previously did this to target individuals, including in Iran. So now others have learned to do the same.

• Ghost hackers: the cybersecurity mystery that nobody has solved

  • Article about the Shadow Brokers, whose identity still remains a mysterious, the group that stole and released NSA hacking tools.

• Iranian hackers responsible for Los Angeles transit system breach, Israeli researchers say

  • Stole approximately 700GB of data. Perhaps there will be concerns for terrorism, but I would largely be concerned about this data being used for additional attacks.

• Cruise giant Carnival confirms data breach affecting nearly 6 million people

  • Quite the big impact. I wouldn’t be surprised if this leads to more cruise-focused attacks.

• NSA Launches Zero Trust Implementation Guidelines Resource Webpage

  • Zero Trust should be the default security architecture. Hopefully eventually we’ll just view it as the norm.

• Charter confirms data breach after ShinyHunters extortion threat

  • Maybe if ShinyHunters breaches enough telecoms, they can remove Chinese APTs from the systems. (This is a joke)

• US NewsUnited flight turns around over Atlantic after Bluetooth device named BOMB

  • This is a bad idea. Don’t do this.

• US Law Enforcement Warns of ‘Anti-Tech Extremism’ as AI Hatred Grows

  • Concerning framing of this by the government. People are losing their livelihoods while major corporations are allowed to profit based on theft. Desperation comes naturally to those in survival mode.

• Cyber Force? Senator pushes to create service branch under the Army

  • This has been a long time coming, but current plan is pretty dumb.

• Mike Lindell’s ‘MyPillow’ is latest target of ransomware attack

• IRS proposal could turn taxpayer facial verification into long-term fraud database

  • This type of data retention is what everyone is worried about in C-22.

United Kingdom and European Union News

• Leaked Documents Reveal Russian ‘Cognitive Strikes’ Against the West — Including Islamophobic ‘Pig Head’ Attacks in Paris

• UK Visa Portal exposed thousands of applicants’ passports and selfies — then called the lawyers on us

  • This is a pretty bad one as passports are one of the most sought documents to fake, so this is a massive win for criminals.

• EU to favour European satellite services to prevent Musk’s Starlink expansion

  • Unsurprising. It is exactly why Canada is likely to favour MDA Space and Telesat.

• Lithuania investigates theft of 600,000 state registry records by foreign actor

• Anyone Can Buy Data Tracking US Soldiers and Spies to Nuclear Vaults and Brothels in Germany

  • This is possible in many countries.

• Netherlands takes down Botnet of more than 17 million devices dismantled

  • Reportedly tied to Russia.

• [Google Translated] Sweden’s defense ministry rejects tech giants’ clouds for secret data

  • Internal reports call American assurances of cloud services a “false sense of security.” I find no faults with this statement.

• Meet EuroOffice, Europe’s bold alternative to Microsoft 365 promising sovereignty and control

  • Word and Excel are so ubiquitous that they’re easy to imitate with minimal impact on the user.

• Kremlin appoints cyber executive with alleged GRU ties to Security Council role

• UK and Australia pact on fast-moving AI security risks

• European Network of Security Operation Centers (ENSOC) Launches

• Dutch government blocks sale of DigiD owner to US tech giant

• Commission fines Temu €200 million for breaching the Digital Services Act

Other International News

• MP, staffers hacked in WhatsApp attack by ‘foreign state actor’, inquiry told

• China restricts overseas travel for top AI talent at Alibaba and DeepSeek, Bloomberg News reports

  • Not a surprise. They’ve previously done this with top cybersecurity talent.

• Iran’s president orders reopening of international internet access, state media reports

  • A very gradual, small reopening from current data available, but we can expect this to shut down again if/once active hostilities resume.

• Kate Conroy appointed inaugural general manager of Australian AI Safety Institute

  • This is a big win for Australia, Kate Conroy’s work is great.

Canada Buys Watch

I am still building out my monitoring, but I plan to post more Canadian cyber-related procurements here in the future. The focus will initially be DND/CAF, but will expand once I am happy my monitoring workflow is sufficient for DND/CAF.

• Security Control Centre IT Modernization Project

  • Royal Military College is looking for a replacement OT software-as-a-service solution.

  • Closes June 19

• 1x Network Support Specialist Level 2 For Canadian joint Warfare Centre (CJWC) - JCIS CFXNET

  • Closes June 10

• TBIPS - Business Systems Analyst (Level 3) and Business Transformation Architect (Level 3)

  • It looks like the Vice Chief of the Defence Staff appears to be preparing for a major IT modernization, citing PDC2 as an important basis for this.

  • Closes June 8

• RFP - Repair and Overhaul for Strategic Deployable Terminals

  • Satellite Communications (SATCOM) SDT terminals

  • Closes June 30

• RFI-WORLDWIDE SATELLITE COMMUNICATIONS – PROTECTED MILSATCOM TACTICAL (WSC-PMT) PROJECT

  • Defence Investment Agency (DIA) is requesting Industry information and feedback regarding the Worldwide Satellite Communications Protected Military Satellite Communications (MILSATCOM) Tactical (WSC-PMT) Project.

  • Last updated May 19. Closes July 29

Feature your business in Canadian Cyber in Context through sponsorship or advertising.

Share

Media of the Week