
Weekly Axis Of Easy #457
Last Week’s Quote was: “Children have neither past nor future; they enjoy the present, which very few of us do,” by Jean de La Bruyère. Stefan got the answer! Congrats 🙂
This Week’s Quote: “Arguing that you don’t care about the right to privacy because you have nothing to hide is no different than saying you don’t care about free speech because you have nothing to say.” By ???
THE RULES: No searching up the answer; it must be posted at the bottom of this blog post, in the comments section.
The Prize: First person to post the correct answer gets their next domain or hosting renewal on us.
This is your easyDNS #AxisOfEasy Briefing for the week of June 29th, 2026. Our Technology Correspondent Joann L Barnes and easyCEO Mark E. Jeftovic send out a short briefing on the state of the ‘net and how it affects your business, security and privacy.
To Listen/watch this podcast edition with commentary and insight from Joey and Len the Lengend click here.
In this issue:
- Canada’s New Cyber Law Lets a Minister Cut Your Phone Off — No Warrant Required
- CISA Confirms Ransomware Exploitation of Unpatched Microsoft Defender Flaw
- NAIC Cyberattack Exposes Insurer Credit Rating Data via Oracle PeopleSoft Zero-Day
- Anthropic Brings Claude Fable 5 Back Online After Export Control Standoff
- New “ARToken” Phishing Service Exposed as Customer of MFA-Bypassing EvilTokens Kit
Elsewhere Online:

Canada’s New Cyber Law Lets a Minister Cut Your Phone Off — No Warrant Required
Canada’s C-8 (An Act Respecting Cyber Security) gives the Industry Minister power to disconnect any named person’s telecom service without a warrant, court review, or compensation. It also permits warrantless data-sharing with CSIS and the CSE, prompting warnings from OpenMedia, Citizen Lab, and Canada’s Intelligence Commissioner over secrecy and privacy risks.
Critics call it “secrecy by default,” despite limits on encryption decoding. Separately, the law requires critical-infrastructure operators to report breaches within 72 hours, with fines up to $15 million — but no whistleblower protections. A five-year review is the only built-in safeguard.
More via Reclaimthenet
CISA Confirms Ransomware Exploitation of Unpatched Microsoft Defender Flaw
A Microsoft Defender privilege-escalation vulnerability — BlueHammer (CVE-2026-33825) — is being exploited in active ransomware campaigns, CISA has confirmed. A researcher known as Chaotic Eclipse disclosed the flaw on April 2 before Microsoft could patch it, citing frustration with Microsoft’s vulnerability reporting process.
Microsoft patched it April 14 — a 12-day exposure window — though its April 30 advisory still stopped short of confirming exploitation. Huntress verified zero-day exploitation predating the patch. The responsible ransomware group remains unidentified. Notably, CISA doesn’t alert defenders when KEV entries gain ransomware association; GreyNoise offers a free tool to track those updates.
More via Securityweek
NAIC Cyberattack Exposes Insurer Credit Rating Data via Oracle PeopleSoft Zero-Day
The NAIC, a non-profit overseeing the US federal insurance system, was breached through a zero-day vulnerability in Oracle PeopleSoft, part of a broad campaign targeting multiple organizations. Detected June 11 and disclosed June 17, the attack exposed credit rating determinations of insurer investments and already-public statutory financial reporting data.
Personal, payment, and employee data remained secure, as did regulatory systems SERFF, OPTins, UCAA, EDP, and RDC. Some credit rating agencies paused data feeds, temporarily halting NAIC’s investment designation process. FBI coordination is underway. Operations have nearly fully resumed except online invoice payments.
More via Infosecurity-magazine
Anthropic Brings Claude Fable 5 Back Online After Export Control Standoff
Anthropic restored Claude Fable 5 worldwide on July 1, days after the Commerce Department lifted export controls imposed June 12 following an Amazon-discovered jailbreak that exposed exploit-code generation. Anthropic countered that similar flaws exist in rival models, then built a classifier blocking the technique 99% of the time.
Critics split: some called it a safety lapse, others government overreach. Co-founder Tom Brown negotiated the reversal with Secretary Lutnick. Mythos 5 remains limited to ~100 infrastructure firms. Notably, Fable 5 had bypassed the voluntary review framework established June 2.
More via Thehackernews
New “ARToken” Phishing Service Exposed as Customer of MFA-Bypassing EvilTokens Kit
Cisco Talos uncovered “ARToken,” a phishing-as-a-service operator using EvilTokens, a device-code phishing kit that bypasses MFA to silently authenticate attackers as victims in Microsoft 365. Sekoia first flagged EvilTokens in March 2026; Microsoft later reported 10-15 daily campaigns hitting hundreds of organizations.
Talos traced an April 20 attack spoofing a real vendor with a fake SharePoint link leading to a lookalike tenant. ARToken shares EvilTokens’ infrastructure but adds stronger evasion and a full business-email-compromise toolkit—inbox access, email spoofing, and keyword monitoring.
More via Theregister
Elsewhere Online
Legacy Bash Shell Tricks Allow Attackers to Bypass AI Agent Security Guards
Read: https://www.securityweek.com/decades-old-bash-tricks-expose-ai-coding-agents-to-supply-chain-attacks
Unpatched Argo CD Flaw Puts Kubernetes Clusters at Risk of Full Takeover
Read: https://thehackernews.com/2026/07/unpatched-argo-cd-repo-server-flaw.html
Aflac Japan Shuts Down Key Systems Following Massive Customer Data Breach
Read: https://www.infosecurity-magazine.com/news/insurance-giant-aflac-data-breach/
Emerging Bluekit Phishing Kit Bypasses Security by Running Sessions on Hacker Machines
Read: https://hackread.com/bluekit-phishing-uses-browser-in-the-middle-attacks/
Djinn Stealer Exploits Administrative Access to Strip Credentials and DevOps Keys
Read: https://www.darkreading.com/cyberattacks-data-breaches/djinn-stealer-targets-cloud-ai-credentials
Previously on #AxisOfEasy
If you missed the previous issues, they can be read online here:
- June 26th, 2026: House Leaders Strike Deal On KIDS Act—Minus Key Safety Provision
- June 19th, 2026: Canada’s New Bill Would Trade Online Anonymity For “Child Safety”
- June 12th, 2026: Anthropic Splits Its Most Capable Model In Two — One For The Public, One For Cyber Defenders
- June 5th, 2026: Instagram’s AI Chatbot Exploited To Hijack High-Profile Accounts
- May 29th, 2026: Canada’s Bill C-22 Draws Global Tech Backlash Over Surveillance Demands

Quote by Edward Snowden