Instagram’s AI Chatbot Exploited to Hijack High-Profile Accounts Red Hat npm Channel Hijacked to Spread Credential-Stealing Worm AI-Powered Malware Lab Targets Major EDR Platforms IMA Diligence Services Data Breach Exposes 525,000+ Victims to Genesis Ransomware Group Microsoft Backs Down After Security Researcher Backlash

In this issue:

Instagram’s AI Chatbot Exploited to Hijack High-Profile Accounts Red Hat npm Channel Hijacked to Spread Credential-Stealing Worm AI-Powered Malware Lab Targets Major EDR Platforms IMA Diligence Services Data Breach Exposes 525,000+ Victims to Genesis Ransomware Group Microsoft Backs Down After Security Researcher Backlash

Canada’s Bill C-22 Draws Global Tech Backlash Over Surveillance Demands Microsoft’s Email System Exploited for Months in Phishing Campaign Texas AG Sues Meta Over WhatsApp Encryption Claims — But Experts Are Skeptical AI-Generated npm Malware Targets Claude Users, Exposes Itself With Rookie Mistake 7-Eleven Data Breach Exposes 185,000 Customers’ Personal Information GPG Email Forwarding Returns, Because Plaintext Was Apparently a Bad Idea

In this issue:

Canada’s Bill C-22 Draws Global Tech Backlash Over Surveillance Demands Microsoft’s Email System Exploited for Months in Phishing Campaign Texas AG Sues Meta Over WhatsApp Encryption Claims — But Experts Are Skeptical AI-Generated npm Malware Targets Claude Users, Exposes Itself With Rookie Mistake 7-Eleven Data Breach Exposes 185,000 Customers’ Personal Information GPG Email Forwarding Returns, Because Plaintext Was Apparently a Bad Idea

Ontario Police Secretly Used Israeli Spyware, Watchdog Finds Microsoft Dismantles Fox Tempest, a Ransomware-Enabling Code-Signing Operation Canada Promotes VPNs While Passing a Law to Kill Them GitHub Breached: 4,000 Private Repos Stolen via Poisoned VS Code Extension CISA Contractor Exposes Federal Cloud Credentials on Public GitHub for Six Months

In this issue:

Ontario Police Secretly Used Israeli Spyware, Watchdog Finds Microsoft Dismantles Fox Tempest, a Ransomware-Enabling Code-Signing Operation Canada Promotes VPNs While Passing a Law to Kill Them GitHub Breached: 4,000 Private Repos Stolen via Poisoned VS Code Extension CISA Contractor Exposes Federal Cloud Credentials on Public GitHub for Six Months

In this issue:

Bill C-22 Outcry Grows LouderFoxconn Hit by Nitrogen Ransomware, 8 TB of Client Data Stolen ShinyHunters Goes Dark After Serbian Registry Suspends Clearnet Domain npm Worm Hits 518M-Download Packages with Self-Destructing Malware DHS Used a 1930 Customs Law to Unmask a Canadian Critic. The ACLU Is Fighting Back Fake Claude Code Installer Caught Stealing Developer Credentials

https://youtu.be/PXQltgWpBok

In this issue:

Bill C-22 Outcry Grows LouderFoxconn Hit by Nitrogen Ransomware, 8 TB of Client Data Stolen ShinyHunters Goes Dark After Serbian Registry Suspends Clearnet Domain npm Worm Hits 518M-Download Packages with Self-Destructing Malware DHS Used a 1930 Customs Law to Unmask a Canadian Critic. The ACLU Is Fighting Back Fake Claude Code Installer Caught Stealing Developer Credentials

Canada’s Parliament Is Filing Your Posts About Politicians Backdoor Found in Daemon Tools Targets Thousands of Windows Users Linux Kernel “CopyFail” Flaw Under Active Attack — Federal Patch Deadline Set Pro-Iranian Group DDoS Attack Cripples Ubuntu and Canonical During Critical Security Crisis Utah Becomes First U.S. State to Target VPNs in Age Verification Law

In this issue:

Canada’s Parliament Is Filing Your Posts About Politicians Backdoor Found in Daemon Tools Targets Thousands of Windows Users Linux Kernel “CopyFail” Flaw Under Active Attack — Federal Patch Deadline Set Pro-Iranian Group DDoS Attack Cripples Ubuntu and Canonical During Critical Security Crisis Utah Becomes First U.S. State to Target VPNs in Age Verification Law

Toronto Police Bust Canada’s First SMS Blaster Cybercrime Operation CrowdStrike Patches Critical LogScale Vulnerability Allowing Unauthenticated File Access Vercel Breach Traced to Roblox-Seeking “Patient Zero” at Context.ai North Korean Hackers Target 100+ Crypto Firms in Sophisticated Global Phishing Campaign ShinyHunters Leaks Data from Zara, 7-Eleven, and Udemy in Salesforce-Linked Campaign

In this issue:

Toronto Police Bust Canada’s First SMS Blaster Cybercrime Operation CrowdStrike Patches Critical LogScale Vulnerability Allowing Unauthenticated File Access Vercel Breach Traced to Roblox-Seeking “Patient Zero” at Context.ai North Korean Hackers Target 100+ Crypto Firms in Sophisticated Global Phishing Campaign ShinyHunters Leaks Data from Zara, 7-Eleven, and Udemy in Salesforce-Linked Campaign

Unauthorized Group Accesses Anthropic’s Mythos Security Tool Vercel Breached via Compromised Google Workspace OAuth App Canada’s Liberals Move to Revive Online Speech Legislation Crypto Scam Targets Shipping Chaos in Strait of Hormuz Mastodon and Bluesky Hit by DDoS Attacks in Rapid Succession Ethereum gateway domain hijacked on our watch

In this issue:

Unauthorized Group Accesses Anthropic’s Mythos Security Tool Vercel Breached via Compromised Google Workspace OAuth App Canada’s Liberals Move to Revive Online Speech Legislation Crypto Scam Targets Shipping Chaos in Strait of Hormuz Mastodon and Bluesky Hit by DDoS Attacks in Rapid Succession Ethereum gateway domain hijacked on our watch

Internet Content Regulation is Coming To Canada Court Orders OpenAI to Block User in ChatGPT Case Raising Free Speech Concerns Fake Claude “Pro” Site Spreads PlugX Malware via DLL Sideloading n8n Abuse Turns Workflow Automation Tool into Phishing and Malware Delivery Channel AI Agents in GitHub Actions Bypassed via Prompt Injection Fake Microsoft Update Campaign Drops Stealth Infostealer via Electron and Python Chain

In this issue:

Internet Content Regulation is Coming To Canada Court Orders OpenAI to Block User in ChatGPT Case Raising Free Speech Concerns Fake Claude “Pro” Site Spreads PlugX Malware via DLL Sideloading n8n Abuse Turns Workflow Automation Tool into Phishing and Malware Delivery Channel AI Agents in GitHub Actions Bypassed via Prompt Injection Fake Microsoft Update Campaign Drops Stealth Infostealer via Electron and Python Chain

In this issue:

Project Glasswing: Industry Coalition Uses AI to Strengthen Cybersecurity Alberta Bill 23 Targets Political Deepfakes, Expands Petition Limits LinkedIn Faces Legal Action Over Covert Browser Scans AI Agent Banned from Wikipedia Sparks Controversy Hack-for-Hire Campaign Targets Journalists and Officials in Middle East

In this issue:

Project Glasswing: Industry Coalition Uses AI to Strengthen Cybersecurity Alberta Bill 23 Targets Political Deepfakes, Expands Petition Limits LinkedIn Faces Legal Action Over Covert Browser Scans AI Agent Banned from Wikipedia Sparks Controversy Hack-for-Hire Campaign Targets Journalists and Officials in Middle East

Age Verification Laws Reshape the Internet Anthropic’s Claude Code Source Leaked Again Axios Supply Chain Attack Exposes Malicious NPM Dependency Copilot Injects Ads Into Pull Requests as AI’s Subsidy Era Ends Dutch Finance Ministry Cyberattack Disrupts Treasury Portal for 1,600 Public Institutions

In This Issue:

Age Verification Laws Reshape the Internet Anthropic’s Claude Code Source Leaked Again Axios Supply Chain Attack Exposes Malicious NPM Dependency Copilot Injects Ads Into Pull Requests as AI’s Subsidy Era Ends Dutch Finance Ministry Cyberattack Disrupts Treasury Portal for 1,600 Public Institutions