#AxisOfEasy 449: Canada’s Parliament Is Filing Your Posts About Politicians

Mark E. Jeftovic

Weekly Axis Of Easy #449

Last Week’s Quote was: “Jump, and you will find out how to unfold your wings as you fall.”  was another quote by Ray Bradbury. No one got it.

This Week’s Quote:  “Every argument of “because of the smartphone” or “the Internet” or “social media” is cope, to avoid confronting the catastrophic collapse of incumbent institutional competence over the same timeframe.”   By ???

THE RULES:  No searching up the answer, must be posted at the bottom of this blog post, in the comments section.

The Prize:  First person to post the correct answer gets their next domain or hosting renewal on us.

This is your easyDNS #AxisOfEasy Briefing for the week of May 4th, 2026. Our Technology Correspondent Joann L Barnes and easyCEO Mark E. Jeftovic send out a short briefing on the state of the ‘net and how it affects your business, security and privacy.

To Listen/watch this podcast edition with commentary and insight from Joey and Len the Lengend click here.

In this issue:

  • Canada’s Parliament Is Filing Your Posts About Politicians
  • Backdoor Found in Daemon Tools Targets Thousands of Windows Users
  • Linux Kernel “CopyFail” Flaw Under Active Attack — Federal Patch Deadline Set
  • Pro-Iranian Group DDoS Attack Cripples Ubuntu and Canonical During Critical Security Crisis
  • Utah Becomes First U.S. State to Target VPNs in Age Verification Law

Elsewhere Online:

  • Iranian State Hackers Leverage Microsoft Teams in Decoy Ransomware Attacks
  • Security Alert as Palo Alto Networks Targets Patches for Exploited User ID Zero Day
  • US Cybersecurity Workers Imprisoned for Extorting Millions in Partnership with BlackCat Gang
  • Google AppSheet Exploited in Massive Facebook Account Hijacking Campaign
  • Trellix Discloses Unauthorized Access to Source Code Repository


Still fighting with the OpenClaw install?

Try easyClaw VPS (Beta) — 

Ready-to-go VPS with easyClaw preinstalled so you can deploy and operate faster. Get on the invite list.

Join early access→ https://invite.easyclaw.md

 

Canada’s Parliament Is Filing Your Posts About Politicians

Canada’s House of Commons maintains a classified database cataloguing every online post Canadians make about their MPs. Deputy Sergeant-at-Arms Paul Mellon, testifying before a parliamentary committee, confirmed the system tracks “every single incident,” sorting content by tone, gender-based harassment, and misogynistic posts.

Liberal MP Anita Vandenbeld pushed for even more granular identity-based tracking. Files contain both criminal and non-criminal complaints, yet no retention policy, access controls, or consequences for logged individuals have been disclosed — all withheld citing security. The institution being criticized controls the records of that criticism.

More via Reclaim the net


Backdoor Found in Daemon Tools Targets Thousands of Windows Users

Kaspersky has detected an active supply chain attack embedding a malicious backdoor in Daemon Tools, a popular Windows disc imaging app made by Disc Soft. First identified on April 8 and linked to a Chinese-language speaking group, the attack targets thousands of users globally while deploying additional malware on systems across retail, scientific, manufacturing, and government sectors in Russia, Belarus, and Thailand.

TechCrunch confirmed the backdoor via VirusTotal. Disc Soft called it their highest priority but confirmed no specifics. The macOS version and other Disc Soft products remain uninvestigated.

More via TechCrunch

Linux Kernel “CopyFail” Flaw Under Active Attack — Federal Patch Deadline Set

A newly disclosed Linux kernel vulnerability, CVE-2026-31431, is already being actively exploited. Dubbed “CopyFail” and discovered by Theori’s AI-powered platform Xint, the flaw lets low-privileged users gain full root access by tampering with cached cryptographic data — no user interaction required.

A working exploit functions unmodified across Ubuntu 24.04 LTS, Amazon Linux 2023, RHEL 10.1, and SUSE 16, with every mainstream kernel since 2017 at risk. CISA has mandated federal agencies patch by May 15, while Microsoft Defender reports preliminary attacker testing already underway.

More via The Register


Pro-Iranian Group DDoS Attack Cripples Ubuntu and Canonical During Critical Security Crisis

On Thursday, a pro-Iranian group using Beam, a paid “stressor” service disguised as a load-testing tool — recently also used against eBay — launched a sustained, cross-border DDoS attack taking down Ubuntu and Canonical servers.

The timing was particularly damaging, striking hours after researchers released exploit code granting untrusted users root control over virtually all Linux distributions, leaving Ubuntu unable to deliver urgent security guidance. Affected domains included ubuntu.com, canonical.com, and security.ubuntu.com, while mirror sites remained functional. Officials maintained radio silence despite widespread availability of DDoS protection services, including free options.

More via Arstechnica


Utah Becomes First U.S. State to Target VPNs in Age Verification Law

Utah’s Senate Bill 73, signed by Governor Spencer Cox and effective May 6, establishes physical location — not IP address — as the jurisdictional standard for age verification, prohibiting sites from sharing VPN bypass instructions. NordVPN called it an “unresolvable compliance paradox,” while the EFF warned sites may ban all VPN IPs globally.

Experts note the law is technically unenforceable, as reliable VPN detection requires ISP-level infrastructure. Journalists, dissidents, and abuse survivors face the greatest harm. Similar measures are advancing in the UK and France, while Wisconsin scrapped comparable provisions after backlash.

More via Tomshardware

Curated Posts

Posts added to axisofeasy.com since the last edition:

Elsewhere Online:


Iranian State Hackers Leverage Microsoft Teams in Decoy Ransomware Attacks
Read: https://www.bleepingcomputer.com/news/security/muddywater-hackers-use-chaos-ransomware-as-a-decoy-in-attacks/


Security Alert as Palo Alto Networks Targets Patches for Exploited User ID Zero Day
Read: https://www.securityweek.com/palo-alto-networks-to-patch-zero-day-exploited-to-hack-firewalls/


US Cybersecurity Workers Imprisoned for Extorting Millions in Partnership with BlackCat Gang
Read: https://www.infosecurity-magazine.com/news/cybersecurity-workers-jailed/


Google AppSheet Exploited in Massive Facebook Account Hijacking Campaign
Read: https://hackread.com/google-appsheet-facebook-accountdumpling-scam/


Trellix Discloses Unauthorized Access to Source Code Repository
Read: https://www.darkreading.com/cyberattacks-data-breaches/trellix-source-code-breach-supply-chain-threats

 

Previously on #AxisOfEasy

If you missed the previous issues, they can be read online here:

Related Posts

[AxisOfEasy] Australian Government Passes Mandatory Encryption Back-Doors

Weekly Axis Of Easy #78 This week’s quote:  “Do you know what amazes me more than anything else? The impotence of force to organize anything.” …by ???? Last Week’s Quote was  “The most important product of science is knowledge. However, the most important product of knowledge is ignorance” …by David Gross, won once again by Gus, who is on […]

One thought on “#AxisOfEasy 449: Canada’s Parliament Is Filing Your Posts About Politicians

Leave a Reply to Rick Bonsteel Cancel reply

Your email address will not be published. Required fields are marked *