This is your easyDNS #AxisOfEasy Briefing for the week of March 23rd, 2026. Our Technology Correspondent Joann L Barnes and easyCEO Mark E. Jeftovic send out a short briefing on the state of the ‘net and how it affects your business, security and privacy.

To Listen/watch this podcast edition with commentary and insight from Joey and Len the Lengend click here.

In this issue:

• Apple Becomes the UK Government’s Favorite Compliance Officer
• easyDNS releases MCP server and skills for AI agents
• The Petabyte Pivot: Why Your Anime Habits are Now a Telco Tragedy
• DarkSword iOS Exploit Leaked, Threatening Older Apple Devices
• Critical PyPI Attack Compromises litellm 1.82.7–1.82.8
• AI Agents Bypass Security Controls, Raise Insider Threat Concerns
  
  

Elsewhere Online:

• U.S. and International Agencies Disrupt Major IoT Botnets
• New Hackerbot Claw Bot Achieves Remote Code Execution in GitHub Projects
• Hackers Claim Theft of 10.9 Million Records from Rogers Communications and Fido
• Bill C22 Faces Scrutiny Over Mass Surveillance and Secret Government Orders
• FCC Restricts Foreign Made Home Routers to Strengthen National Security
• U.S. Seizes Iranian Websites in Threat and Cyberattack Crackdown
• Wikipedia Under Scrutiny: Coordinated Edits Shape Global Narratives

Still fighting with the OpenClaw install?

Try easyClaw VPS (Beta) — 

Ready-to-go VPS with easyClaw preinstalled so you can deploy and operate faster. Get on the invite list.

Join early access→ https://invite.easyclaw.md

Apple Becomes the UK Government’s Favorite Compliance Officer

Apple quietly rolled out age verification for UK users in iOS 26.4 (9to5Mac) — a feature the company apparently tried to sneak out in beta, then hastily called “an error” when people noticed, and has now officially launched anyway. Users who don’t complete the verification process get Apple’s content restrictions automatically tightened across their device (The Mac Observer,) including web filtering and message scanning. Think of it as your iPhone going into permanent Nanny Mode unless you prove to Tim Cook that you’re a grown-up. UK debit cards won’t work for verification, nor will passports — you’ll need a credit card or a specific photo ID (Apple Community,) because nothing says “protecting children” like excluding the people least likely to have a Visa.

The UK regulator Ofcom was absolutely thrilled, naturally. “Apple’s decision that the UK will be one of the first countries in the world to receive new child safety protections on devices is a real win for children and families,” the agency gushed. (9to5Mac) Meanwhile, back on Planet Reality, NordVPN reported a 1,000% spike in purchases from the UK and Proton VPN saw 1,400% more signups minutes after the Online Safety Act came into effect (AppleInsider) — because that’s what always happens when governments mandate digital ID checkpoints. The surveillance infrastructure gets built, the regulators take a bow, and every technically literate person just routes around it. But hey, at least the kids are safe.

More via The Verge 

easyDNS releases MCP server and skills for AI agents

We’re watching the rise of agentic computing happen in real time. Tools like OpenClaw and its derivatives are spreading like wildfire, and services from Anthropic and OpenAI are making it increasingly practical to automate interactive workflows.

This is the next big technology shift and it’s here, and it’s happening right now.

That’s why we’ve published easydns-mcp on our GitHub – with this your agents can access and (if you allow is) update your DNS zone and mail forwarders.

For more details check the blog or just tell your favourite AI bot to clone the git repo (there’s also an octodns wrapper skill there we released a few weeks ago).

More: https://easydns.com/blog/2026/03/25/easydns-mcp-model-context-protocol-server-for-the-rest-api-now-available/

Github: https://github.com/easydns/easydns-mcp

Octodns-skill: https://github.com/easydns/octodns-skill

And if you’re interested in trying the new easyNode.ai hosted openclaw (“easyClaw”) – get on the waiting list here.

The Petabyte Pivot: Why Your Anime Habits are Now a Telco Tragedy

If you had “Anime Streaming Site” on your 2026 Supply Chain Disaster bingo card, congratulations: you’re as cynical as we are. The ongoing Telus Digital saga has officially graduated from a “limited data incident” to a petabyte-scale masterclass in how not to secure a cloud environment. It turns out that when a threat actor like ShinyHunters finds a set of GCP credentials lying around—allegedly leftover scraps from a previous breach at sales platform Drift—they don’t just look at the furniture; they take the whole house. By pivoting through Telus’s BPO (Business Process Outsourcing) arm, the attackers didn’t just snag internal memos; they managed to compromise Crunchyroll user data, proving once again that your digital security is only as strong as the most exhausted outsourced support agent in the chain.

The real insight here—and the reason this is a textbook #AxisOfEasy moment—is the sheer “cascading failure” of it all. Telus is busy playing whack-a-mole with PR statements while a petabyte of data (that’s 1,000 terabytes of support tickets, call recordings, and background checks) floats around the dark web. Meanwhile, Loblaw is following the classic “nothing to see here” playbook, insisting their breach was “non-critical” while simultaneously forcing millions of PC Optimum users to reset their identities. It’s a stark reminder that in the modern stack, there is no such thing as an isolated incident. If you outsource your customer service or host your identity management on a third-party cloud, you aren’t just buying efficiency—you’re buying a front-row seat to the next great “unauthorized access” gala.

More via TheRecord and Loblaw

DarkSword iOS Exploit Leaked, Threatening Older Apple Devices

Google Threat Intelligence Group (GTIG) has identified DarkSword, an iOS exploit chain active since late 2025, targeting iPhones and iPads running iOS 18.4–18.7 via malicious websites. Used by commercial and state-backed actors in Saudi Arabia, Ukraine, Turkey, and Malaysia, it delivers Ghostblade, Ghostknife, and Ghostsaber, stealing messages, call history, contacts, location, photos, and cryptocurrency apps and wallets (Coinbase, Binance, Ledger, Metamask, etc.) before self-deleting.

Experts warn compromised devices can grant access to cloud and enterprise systems. Apple patched the vulnerabilities in iOS 26.3, but a recent GitHub leak of DarkSword code now enables wider exploitation and potential adaptation by new attackers, increasing the urgency of updates and Lockdown Mode activation.

More via Malwarebytes

Critical PyPI Attack Compromises litellm 1.82.7–1.82.8

On March 24, 2026, malicious litellm releases 1.82.7 and 1.82.8 appeared on PyPI, bypassing GitHub. Reported by FutureSearch, the packages included litellm_init.pth, which harvests SSH keys, cloud credentials, Kubernetes configs, database passwords, and crypto wallets, exfiltrating them to https://models.litellm.cloud/.

It spreads via alpine:latest pods on kube-system nodes and installs persistent backdoors at /root/.config/sysmon/sysmon.py with a systemd service. PyPI yanked the versions; GitHub issue #24512 is closed, and FutureSearch confirmed no user data was affected. Users should remove the package, purge caches, inspect Kubernetes pods, check for persistence, and rotate all credentials.

More via Futuresearch


AI Agents Bypass Security Controls, Raise Insider Threat Concerns

Rogue AI agents “worked together to smuggle sensitive information” in tests by Irregular with OpenAI and Anthropic, reported by The Guardian. Agents assigned simple tasks exposed passwords, bypassed antivirus protections, and pressured peers to ignore safeguards in simulated systems using Google and X. In one case, agents forged admin access to retrieve restricted data without authorization. Dan Lahav warned AI is an insider risk, echoing findings from Harvard University and Stanford University on unpredictable, unsafe behavior.

More via The Guardian 

Curated Posts

Posts added to axisofeasy.com since the last edition:

• The AI Takeover Looks Exactly Like Covid Did In February 2020  (Mar 23) 
• Disclosure Incoming? US Gov regs ALIENS.GOV domain  (Mar 23)

Elsewhere Online:

U.S. and International Agencies Disrupt Major IoT Botnets
Read: https://www.justice.gov/usao-ak/pr/authorities-disrupt-worlds-largest-iot-ddos-botnets-responsible-record-breaking-attacks

New Hackerbot Claw Bot Achieves Remote Code Execution in GitHub Projects
Read: https://www.stepsecurity.io/blog/hackerbot-claw-github-actions-exploitation

Hackers Claim Theft of 10.9 Million Records from Rogers Communications and Fido
Read: https://dailydarkweb.net/rogers-communications-fido-data-breach-exposes-records/

Bill C22 Faces Scrutiny Over Mass Surveillance and Secret Government Orders
Read: https://reclaimthenet.org/canadas-public-safety-minister-defends-mass-surveillance-bill

FCC Restricts Foreign Made Home Routers to Strengthen National Security
Read: https://hackread.com/us-bans-foreign-home-routers-national-security/

U.S. Seizes Iranian Websites in Threat and Cyberattack Crackdown
Read: https://www.thebureau.news/p/doj-seizes-iranian-intelligence-website

Wikipedia Under Scrutiny: Coordinated Edits Shape Global Narratives
Read: https://www.neutralpov.com/p/wikipedia-bans-gang-of-40-editor

Previously on #AxisOfEasy

If you missed the previous issues, they can be read online here:

• • • • • March 20th, 2026: Canada Introduces Bill C-22 For Mandatory Metadata Retention
        • March 13th, 2026: Canada Allows TikTok To Continue Operations With New Safeguards
        • March 6th, 2026: Meta Ray-Ban Glasses Footage Sent To Human Reviewers
        • February 27th, 2026: OpenAI Suppressed Warnings On Mass Shooter Months Before Spree
        • February 20th, 2026: Apple Patches Actively Exploited Zero-Day Across Devices