The Weekly New Rewire is a survey of cyber or adjacent news stories that I read this past week (or recently). Please leave a comment if you think I missed anything.

Editor Notes:

• I have two new papers out with the Canadian Global Affairs Institute:

  • Following the Digital Snail’s Trail: The Short History of Canadian Armed Forces Cyber Operations

  • Everything You Should Know About CAF Cyber Command

• Go sign Tanya Janca’s Secure-Coding Petition!

  • The article is finally out and can be read here.

Leave a comment

Share

Canadian News

• Hackers, barns, and breakfast: Why agriculture needs cybersecurity

  • Agriculture cyber security has been a long time coming.

• Rogers and Freedom Mobile say they suffered data breaches in recent weeks

  • Have any Canadian telecoms not suffered a breach?

• Why Does Ottawa Keep Funding Fake Canadian Companies?

  • The definitions of what is a “Canadian” company are very loose. This affects cyber and cloud as we have discussed before, but it has larger economic impact that the government is slowly trying to address.

• Oracle slashes 30,000 jobs with a cold 6 a.m. email

  • Unclear of the direct impact on Canada, but Oracle has a large presence in Canada, especially in government.

  • Oracle fired up to 30,000 workers via email after a 95% profit surge. Tech companies are cutting almost 1,000 jobs/day

• Government of Canada advances digital sovereignty and secure communications through contract extension with BlackBerry

  • Blackberry has shifted away from its cellphone does and does great now in cybersecurity, so they are ones to keep an eye on.

• U.S. targets Canada’s cloud-computing move as trade irritant

  • The United States doesn’t want Canada to have sovereignty. They are incapable of understanding they are the risk we want to avoid.

• Anthropic employee error exposes Claude Code source

  • Company that habitually infringes on other’s copyright is now concerned about their own copyright.

• Microsoft’s Terms of Use says Copilot is only for entertainment purposes

  • Exact wording: “Copilot is for entertainment purposes only. It can make mistakes, and it may not work as intended. Don’t rely on Copilot for important advice. Use Copilot at your own risk.”

    • This should tell you everything you should know about LLMs. They are toys that Microsoft and others are trying to convince you will change the world, while they themselves know it is breaking and making everything worse.

• Exclusive: Meta has discussed ending funding to the Oversight Board

  • This should be grounds to increase litigation against Meta and Facebook. This oversight board was setup due to the overwhelming unethical behaviour on behalf of Facebook, now Meta. Meta stands out amongst social media companies in that they seem to actively try to make things worse, more toxic, and harmful all to produce profit.

  • Stop using Facebook.

• PacifiCan invests $13.8 million to advance defence innovation in AI and aerospace in British Columbia

  • There’s a small, but growing defence and security industry in BC.

• Government of Canada supports aerospace and space innovation to strengthen security, boost prosperity, and enhance sovereign capabilities

• LinkedIn Is Illegally Searching Your Computer

  • Major claims that Microsoft is essentially running one of the largest corporate espionage operations via Linkedin.

• Canadian Armed Forces Cyber Command launches Official Command Badge

  • They’ve had an unofficial patch/bade for a while, so great they now have an official command badge.

    

  • “The green and black field reflects the Command’s integration of signals intelligence, electronic warfare, and cyber operations across the digital and electromagnetic domains. The green represents signals intelligence heritage, while the black represents electronic warfare and operations within the contested electromagnetic spectrum. The chess knight represents the deliberate application of cyber capabilities in both defensive and offensive contexts. A lightning bolt and interlaced rings highlight operational precision and expertise in signals intelligence, while the Royal Crown and maple leaves affirm constitutional authority and national service.”

• Alberta scraps environmental assessment for Kevin O’Leary’s ‘world’s largest’ data centre

  • Still in the planning phases so there’s a chance nothing will come of this, especially with O’Leary attached to this. However, this lack of environmental assessment is likely to become the norm, which sets a concerning precedent due to how major of an impact data centres can have on local environments and populations.

• Officials still investigating what led to cyber incident at London health unit

• CAFCYBERCOM showcases new AI cyber tool at NATO exercise

  • I have heard of this tool before, but I don’t know much about it other than that it’s really well liked and getting a lot of attention

  • “The capability, a Cyber Indications and Warning (I&W) tool, was designed and developed by five members of 33 Signals Regiment working on Class A time since January 2025. Their objective was to explore how large language models could support cyber operations through analysis, translation, and geolocation, while also enabling the seamless sharing of insights into a broader operational picture.”

• Larus awarded an $8.3 million IDEaS Test Drive contract by DND to advance AI/ML in tactical planning and decision intelligence

• ‘Security incident’ may have exposed files of thousands of patients, Waterloo Regional Health Network warns

• Canada’s first full-stack, university-owned quantum computer comes to USask

  • Some of the best uses for quantum computers remain to write academic papers about, but we’re slowly getting to more operational use with hybrid computing.

• NGen announces nearly $80 million for Canadian manufacturers to adopt AI

• Government of Canada launches review of the Privacy Act

  • Canada is LONG overdue for updated privacy laws.

• Canada is expanding high-speed Internet access in Nunavut

  • $86 million federal investment, piggybacks off the $600 million contract w/Telesat

• CDW Canada: Cyberattacks Targeting Canadian Enterprises Surge Nearly 80% Year Over Year

  • Report from CDW Canada has some very interesting info and statistics. Suggest that there is a “security maturity illusion.” which is a common topic, but fascinating that it is getting to a level that a cybersecurity firm is saying it’s impacting the wider Canadian threat surface.

Canadian Cyber Intelligence

While not all attacks are reported or receive media attention, any notable or open-source cyber attacks on Canadian organizations and any relevant cyber intelligence to Canada will be posted here. I only list the Canadian Centre for Cyber Security’s (CCCS) alerts here, not all advisories; follow the full feed here.

• Alert - AL26-006 - Vulnerability impacting Citrix NetScaler ADC and NetScaler Gateway - CVE-2026-3055

  • Critical Citrix NetScaler memory flaw actively exploited in attacks

    • Citrix used to be quite common in Canada amongst businesses, but not sure what its market presence is these days.

• One of the most popular JavaScript packages on earth Axios has been compromised

  • I’ve been saying for a year now that there needs to be industry- and government-wide engagement to address the growing security problem with open-source software.

  • Google links axios supply chain attack to North Korean group

    • Google’s report here

• Iran targets M365 accounts with password-spraying attacks

  • They’ve been doing M365 password spraying for years

• Qilin EDR killer infection chain

• Ransomware detection and file restoration for Google Drive now generally available

• Leaked memo suggests Red Hat’s chugging the AI Kool-Aid

• Critical Claude Code vulnerability: Deny rules silently bypassed because security checks cost too many tokens

• New criminal service plans to monetize data stolen by ransomware gangs

  • This is a particularly concerning innovation. If successful, this will change the cyber crime market.

• DPRK Malware Modularity: Diversity and Functional Specialization

Have your business and logo featured in Canadian Cyber in Context with a sponsorship.

Research, Op-Eds, and Events

Compliance is Cash - Where to Begin with CPCSC

Alexander Rudolph

·

Mar 10

Read full story

• Largest study of its kind shows AI assistants misrepresent news content 45% of the time – regardless of language or territory

  • This will change nothing. Those selling you AI will downplay this.

• Evolution of Ransomware: Multi-Extortion Ransomware Attacks

• The Perils of Privatized Cyberwarfare

  • By Ron Deibert from Citizen Lab, who is on the forefront of defending civilians from privatized cyber warfare.

• Event: Securing AI systems: New challenges and research priorities

  • Being held April 20-21, online attendance is possible.

  Teresa Scassa’s Substack

  Consultation on long overdue Privacy Act reform promises a significant overhaul

  Treasury Board Secretariat has published a discussion paper and launched a consultation into the long-overdue reform of the federal Privacy Act. The consultation is open until July 10, 2026…

  Read more

  21 hours ago · 5 likes · Teresa Scassa

United States News

• Meta ordered to pay $375m after being found liable in child exploitation case

• How Thomson Reuters Powers ICE and Palantir

  • Data brokers generally don’t care about ethics.

• State Department reissues $10 million reward for info on Iranian hackers (Handala)

• Iran threatens Nvidia, Apple and other tech giants with attacks

  • Also includes Cisco, HP, Intel, Oracle, IBM, Dell, Palantir, JPMorgan, Tesla, GE, and more.

• Hasbro takes some systems offline after cybersecurity incident

  • May need a few weeks to recover.

• ‘Serious cyberattack’ impacts phones, public safety systems in Massachusetts towns

• FBI declares suspected Chinese hack of US surveillance system a ‘major cyber incident’

• New NSA director pushes for more intel-sharing with allies in internal meeting

  • This is good to hear. He is former Indo-Pacific deputy commander, so that likely plays a role in his understanding that partnerships are key.

• ICE says it bought Paragon’s spyware to use in drug trafficking cases

  • Acting Director states they will comply with constitutional requirements. Somehow we’re supposed to believe ICE, which has a greater track record than any other agency of infringing on people’s constitutional rights.

  • Rep. Summer Lee, Colleagues Slam DHS Response on ICE Use of Foreign Spyware, Vow Continued Oversight

• CyberCorps grads consider private sector as fed hiring challenges persist

  • CyberCorps is a program of the US Office of Personnel Management to provide scholarship for cybersecurity professionals. It has been a great program to bring cybersecurity professionals in the government and has been a constant source of people. The Trump admin has completely destroyed its government cybersecurity workforce and institutions.

• Even Artemis II Astronauts Have Microsoft Outlook Problems

  • At the end of time and the universe there will be Microsoft Outlook problems.

• DoD still failing to properly mark CUI data years after initial audit

• Commanders now responsible for cybersecurity training after Army cuts online course requirement to once every 5 years

  • This is a hilariously bad idea. China and DPRK have growing and more advanced cyber operations programs, but the Army is relaxing cybersecurity training.

• Mercor, a $10 billion AI startup that works with companies including OpenAI and Anthropic, confirms major data breach

• House Committee Passes Chip Security Act

United Kingdom and European Union News

• The rise of facial recognition policing

  • This is a UK-focused article, but has global implications.

• European Commission downplays ShinyHunters cyberattack impact

  • ShinyHunters do have a history of overblowing their extortion attempts. However, most ransomware and extortion cyber threat actors tend to do the same, so it’s why everything they cyber threat actors claim should always be taken cautiously.

• Europe’s cyber agency blames hacking gangs for massive data breach and leak

  • “The stolen data was then posted online by another hacking group, the notorious ShinyHunters. “

• (Google Translated) An Italian company’s spyware was posing as WhatsApp. Meta: “Affected users notified.”

• UK Regulator Probes Microsoft While Backing Voluntary Cloud Rules

Other International News

• An AI Agent Was Banned From Creating Wikipedia Articles, Then Wrote Angry Blogs About Being Banned

  • Didn’t take them long to ban their first clanker.

• An AI avatar is running to represent Indigenous voters in Colombia

• Australia: Five social media platforms flagged for compliance issues

  • Facebook, Instagram, Snapchat, TikTok and YouTube are being investigated related to Australia’s social media minimum age laws.

• (Google Translated) Korea Internet & Security Agency Launches ‘Ransomware Full Lifecycle Response Task Force’

  • There has been a spat of high level ransomware incidents in South Korea of late, so this is an unsurprising, but welcome response.

• Iran Says It Hit Oracle Facilities in the UAE

  • Not the first data centres hit, but now confirms and shows that data centres are a target in military conflict.

• Sydney Councils Warn Data Centre Boom Is Set To Strain Housing And Utilities

  • Good article as this strain is going on everywhere right now. Because Western countries can no longer trust the United States, there’s a mad rush to develop sovereign data centres.

• Cambodia parliament approves law to combat cybercrime scam rings

• The Hack That Exposed Syria’s Sweeping Security Failures

  • I’m not a fan of this article, but it is important to share. This sort of overlooks the context for which Syria is in and assumes a similar baseline of capacity.

• Mexico Confronts a Silent Cyber War. It Can No Longer Outsource (H/t Sherpa Intelligence, go give them a follow)

  • As Mexico increasingly digitizes, it becomes the primary target in Latin America for cyber attacks.

Have your business and logo featured in Canadian Cyber in Context with a sponsorship.