In this issue:

Bill C-22 Outcry Grows LouderFoxconn Hit by Nitrogen Ransomware, 8 TB of Client Data Stolen ShinyHunters Goes Dark After Serbian Registry Suspends Clearnet Domain npm Worm Hits 518M-Download Packages with Self-Destructing Malware DHS Used a 1930 Customs Law to Unmask a Canadian Critic. The ACLU Is Fighting Back Fake Claude Code Installer Caught Stealing Developer Credentials

https://youtu.be/PXQltgWpBok

In this issue:

Bill C-22 Outcry Grows LouderFoxconn Hit by Nitrogen Ransomware, 8 TB of Client Data Stolen ShinyHunters Goes Dark After Serbian Registry Suspends Clearnet Domain npm Worm Hits 518M-Download Packages with Self-Destructing Malware DHS Used a 1930 Customs Law to Unmask a Canadian Critic. The ACLU Is Fighting Back Fake Claude Code Installer Caught Stealing Developer Credentials

Canada’s Parliament Is Filing Your Posts About Politicians Backdoor Found in Daemon Tools Targets Thousands of Windows Users Linux Kernel “CopyFail” Flaw Under Active Attack — Federal Patch Deadline Set Pro-Iranian Group DDoS Attack Cripples Ubuntu and Canonical During Critical Security Crisis Utah Becomes First U.S. State to Target VPNs in Age Verification Law

In this issue:

Canada’s Parliament Is Filing Your Posts About Politicians Backdoor Found in Daemon Tools Targets Thousands of Windows Users Linux Kernel “CopyFail” Flaw Under Active Attack — Federal Patch Deadline Set Pro-Iranian Group DDoS Attack Cripples Ubuntu and Canonical During Critical Security Crisis Utah Becomes First U.S. State to Target VPNs in Age Verification Law

Toronto Police Bust Canada’s First SMS Blaster Cybercrime Operation CrowdStrike Patches Critical LogScale Vulnerability Allowing Unauthenticated File Access Vercel Breach Traced to Roblox-Seeking “Patient Zero” at Context.ai North Korean Hackers Target 100+ Crypto Firms in Sophisticated Global Phishing Campaign ShinyHunters Leaks Data from Zara, 7-Eleven, and Udemy in Salesforce-Linked Campaign

In this issue:

Toronto Police Bust Canada’s First SMS Blaster Cybercrime Operation CrowdStrike Patches Critical LogScale Vulnerability Allowing Unauthenticated File Access Vercel Breach Traced to Roblox-Seeking “Patient Zero” at Context.ai North Korean Hackers Target 100+ Crypto Firms in Sophisticated Global Phishing Campaign ShinyHunters Leaks Data from Zara, 7-Eleven, and Udemy in Salesforce-Linked Campaign

Unauthorized Group Accesses Anthropic’s Mythos Security Tool Vercel Breached via Compromised Google Workspace OAuth App Canada’s Liberals Move to Revive Online Speech Legislation Crypto Scam Targets Shipping Chaos in Strait of Hormuz Mastodon and Bluesky Hit by DDoS Attacks in Rapid Succession Ethereum gateway domain hijacked on our watch

In this issue:

Unauthorized Group Accesses Anthropic’s Mythos Security Tool Vercel Breached via Compromised Google Workspace OAuth App Canada’s Liberals Move to Revive Online Speech Legislation Crypto Scam Targets Shipping Chaos in Strait of Hormuz Mastodon and Bluesky Hit by DDoS Attacks in Rapid Succession Ethereum gateway domain hijacked on our watch

Internet Content Regulation is Coming To Canada Court Orders OpenAI to Block User in ChatGPT Case Raising Free Speech Concerns Fake Claude “Pro” Site Spreads PlugX Malware via DLL Sideloading n8n Abuse Turns Workflow Automation Tool into Phishing and Malware Delivery Channel AI Agents in GitHub Actions Bypassed via Prompt Injection Fake Microsoft Update Campaign Drops Stealth Infostealer via Electron and Python Chain

In this issue:

Internet Content Regulation is Coming To Canada Court Orders OpenAI to Block User in ChatGPT Case Raising Free Speech Concerns Fake Claude “Pro” Site Spreads PlugX Malware via DLL Sideloading n8n Abuse Turns Workflow Automation Tool into Phishing and Malware Delivery Channel AI Agents in GitHub Actions Bypassed via Prompt Injection Fake Microsoft Update Campaign Drops Stealth Infostealer via Electron and Python Chain

In this issue:

Project Glasswing: Industry Coalition Uses AI to Strengthen Cybersecurity Alberta Bill 23 Targets Political Deepfakes, Expands Petition Limits LinkedIn Faces Legal Action Over Covert Browser Scans AI Agent Banned from Wikipedia Sparks Controversy Hack-for-Hire Campaign Targets Journalists and Officials in Middle East

In this issue:

Project Glasswing: Industry Coalition Uses AI to Strengthen Cybersecurity Alberta Bill 23 Targets Political Deepfakes, Expands Petition Limits LinkedIn Faces Legal Action Over Covert Browser Scans AI Agent Banned from Wikipedia Sparks Controversy Hack-for-Hire Campaign Targets Journalists and Officials in Middle East

Age Verification Laws Reshape the Internet Anthropic’s Claude Code Source Leaked Again Axios Supply Chain Attack Exposes Malicious NPM Dependency Copilot Injects Ads Into Pull Requests as AI’s Subsidy Era Ends Dutch Finance Ministry Cyberattack Disrupts Treasury Portal for 1,600 Public Institutions

In This Issue:

Age Verification Laws Reshape the Internet Anthropic’s Claude Code Source Leaked Again Axios Supply Chain Attack Exposes Malicious NPM Dependency Copilot Injects Ads Into Pull Requests as AI’s Subsidy Era Ends Dutch Finance Ministry Cyberattack Disrupts Treasury Portal for 1,600 Public Institutions

Apple Becomes the UK Government’s Favorite Compliance Officer easyDNS releases MCP server and skills for AI agents The Petabyte Pivot: Why Your Anime Habits are Now a Telco Tragedy DarkSword iOS Exploit Leaked, Threatening Older Apple Devices Critical PyPI Attack Compromises litellm 1.82.7–1.82.8 AI Agents Bypass Security Controls, Raise Insider Threat Concerns

In this issue:

Apple Becomes the UK Government’s Favorite Compliance Officer easyDNS releases MCP server and skills for AI agents The Petabyte Pivot: Why Your Anime Habits are Now a Telco Tragedy DarkSword iOS Exploit Leaked, Threatening Older Apple Devices Critical PyPI Attack Compromises litellm 1.82.7–1.82.8 AI Agents Bypass Security Controls, Raise Insider Threat Concerns

In this issue:

Canada Introduces Bill C-22 For Mandatory Metadata Retention Meta is Ending Instagram Direct Message End-to-End Encryption Invisible Unicode Supply-Chain Attack Hits GitHub Ecosystem Claudy Day: Claude AI Vulnerability Risks Data Theft iPhone Exploit Kit DarkSword Steals Data Worldwide FBI Confirms Purchase of Americans’ Location Data

https://www.youtube.com/watch?v=Ur8cyfPx77M

In this issue:

Canada Introduces Bill C-22 For Mandatory Metadata Retention Meta is Ending Instagram Direct Message End-to-End Encryption Invisible Unicode Supply-Chain Attack Hits GitHub Ecosystem Claudy Day: Claude AI Vulnerability Risks Data Theft iPhone Exploit Kit DarkSword Steals Data Worldwide FBI Confirms Purchase of Americans’ Location Data

Canada Allows TikTok to Continue Operations with New Safeguards Russian government hackers targeting Signal and WhatsApp users, Dutch spies warn AI Misstep Wipes Years of Website Data Chrome Gemini Panel Vulnerability Exposed SSL Certificate Lifetimes Are Shrinking: What the New 47-Day TLS Certificate Rules Mean

In this issue:

Canada Allows TikTok to Continue Operations with New Safeguards Russian government hackers targeting Signal and WhatsApp users, Dutch spies warn AI Misstep Wipes Years of Website Data Chrome Gemini Panel Vulnerability Exposed SSL Certificate Lifetimes Are Shrinking: What the New 47-Day TLS Certificate Rules Mean