Summary6 min read

Cybersecurity Today – Episode Summary (June 8, 2026)

Host: David Shipley
Main Theme: The episode delivers critical updates on recent cybersecurity incidents affecting major tech companies, alarming data breach disclosures, vulnerabilities introduced by AI, and key regulatory changes in Canada.

Overview

This episode focuses on:

Major breaches and attacks impacting high-profile AI and tech firms
The rising risks of AI-enabled social engineering
Notable impacts on developers and end-users
The passage of Canada's long-awaited cybersecurity law for critical infrastructure
Practical insights and warnings for both organizations and individuals in the cybersecurity landscape

Key Discussion Points & Insights

1. Claude Outage and Suspected Data Leak

[00:00 – 04:10]

Incident Recap:
On Friday, June 6, Anthropic’s Claude AI chatbot suffered a two-hour outage affecting several models, including Opus.
Potential Data Leak:
- Reports surfaced that some users received responses intended for others—raising fears of a cross-user data leak.
- A software engineer's post about seeing a stranger’s conversation in Claude drew over a million views.
Company Response:
- Anthropic claims no evidence of an actual breach and blames the issue on an "infrastructure outage."
- Users remain divided: some suspect a real leak, others think Claude simply “hallucinated” a response.
Commentary:
- Reliability is highlighted as a growing priority for enterprise AI, especially as Anthropic eyes an IPO.
- Quote:
  "For a tool this many people and organizations now depend on reliability is becoming a key part of the story just as they pursue an initial public offering." — David Shipley [02:10]

2. Microsoft GitHub Worm – Team PCP’s Miasma

[04:11 – 06:39]

Background:
Team PCP, a threat group previously linked to various attacks (Poison Trivi, Axios library), has unleashed a self-spreading worm named "Miasma."
Scope of Attack:
- Miasma infected 73 Microsoft repositories across 4 GitHub accounts, including Azure and Microsoft Docs.
- GitHub responded by cutting off access to the affected repos.
Noteworthy Factors:
- The worm reinfected a project previously compromised, indicating that the original credential theft went unaddressed.
- Uniquely, Miasma weaponizes AI coding assistants: when a developer clones an infected repo and opens it in a tool like Claude Code or Cursor, the malware executes automatically.
Security Implications:
- The attack exploits the software supply chain’s reliance on trust, not on patchable vulnerabilities.
- Quote:
  "You can patch a vulnerable tool, you can't patch a trust. And open software runs on trust. That's a far deeper hole to climb out of, and we don't have clean, easy answers yet." — David Shipley [06:23]

3. IBM Hack Allegations and Disclosure Failures

[06:40 – 09:03]

Allegations:
- Former IBM exec William Barlow alleges the company was breached by Chinese state actor APT10 (2013–2016) and covered up three major hacks.
- Barlow’s lawsuit, unsealed last week, claims up to 400 accounts and 200 systems compromised.
Response:
- IBM dismisses the complaint as “six years old” and asserts full legal compliance.
- The allegations remain unproven in court.
Geopolitical Impact:
- Five Eyes intelligence authorities (US, UK, Canada, Australia, NZ) warned IBM in 2017, sparking internal investigations.
Security Community Reaction:
- The accusation renews debates about prompt, transparent breach disclosure by large enterprises.

4. Meta/Instagram Takeovers via AI Chatbot Abuse

[09:04 – 12:08]

Attack Summary:
Attackers hijacked Instagram accounts by exploiting Meta's AI chatbot-based support.
- The hack: Manipulate the AI into handing over access to any given account, simply by requesting email reset links to addresses under attacker control.
Victim Profile:
- Targets included prominent accounts (a senior US Space Force official, and a dormant White House account—disputed by Meta).
- Highly sought-after username handles (“OG handles”) were the main prize.
Meta’s Response:
- Declared the issue fixed within a day, though reports and underground trading of stolen handles persisted.
- Meta followed up with password resets and notifications, but did not release breach numbers.
Critical Insight:
- AI chatbots’ vulnerability to social engineering is practically unsolvable due to their human-like NLP foundations.
- Research (“Call Me a Jerk,” Wharton School) shows social engineering tricks double or triple chatbot compliance rates.
- Quote:
  "You cannot train social engineering out of these chatbots. You cannot stop this with guardrails. They learn from the human language, so they fold to the same pressure people do. It's baked in." — David Shipley [11:23]
- Conclusion:
  Handing account management powers to chatbots is “one of the most reckless things an organization can do.”

5. Canada’s Critical Infrastructure Cybersecurity Law (Bill C-8)

[12:09 – 15:30]

Legislative Milestone:
- Bill C-8 passed the Canadian Senate; poised for royal assent.
- Host Involvement: David Shipley testifies he’s advocated for the law for years.
What the Law Does:
- Sets mandatory cybersecurity standards for telecom, finance, energy, and transport.
- Empowers government to order risky suppliers out, enforce mandatory incident reporting, and levy steep fines.
Debate & Safeguards:
- Some privacy advocates call it a “surveillance bill by stealth”; many security experts counter that delay is the greater risk.
- Amendments for pre-emptive judicial oversight were struck down; court review comes only after the fact.
Implementation Timeline:
- Law requires at least 18 months of regulation-writing before becoming fully operational.
Quote:
"While the bill isn't perfect, doing nothing while threats keep coming is far worse. Canada was years behind other G7 countries." — David Shipley [13:56]

Notable Quotes & Moments (with Timestamps)

On AI reliability:
"For a tool this many people and organizations now depend on reliability is becoming a key part of the story just as they pursue an initial public offering."
— David Shipley [02:10]
On supply chain and trust:
"You can patch a vulnerable tool, you can't patch a trust. And open software runs on trust. That's a far deeper hole to climb out of, and we don't have clean, easy answers yet."
— David Shipley [06:23]
On chatbot social engineering risks:
"You cannot train social engineering out of these chatbots. You cannot stop this with guardrails. They learn from the human language, so they fold to the same pressure people do. It's baked in."
— David Shipley [11:23]
On Canada's approach to cybersecurity law:
"While the bill isn't perfect, doing nothing while threats keep coming is far worse. Canada was years behind other G7 countries."
— David Shipley [13:56]

Segment Timestamps

Claude Outage & Data Leak: [00:00 – 04:10]
Microsoft GitHub Worm: [04:11 – 06:39]
IBM Hack Allegations: [06:40 – 09:03]
Meta/Instagram AI Bot Exploit: [09:04 – 12:08]
Canada’s Critical Infrastructure Cybersecurity Law: [12:09 – 15:30]

Episode Takeaways

AI reliability and trust issues are key vulnerabilities for businesses and developers.
Supply chain attacks increasingly exploit human psychology, not just code.
Organizations must not hand critical account controls to AI without robust safeguards.
Laws and regulations are catching up, but rapid threats require urgent action—perfection can’t delay progress.
Transparency and responsible disclosure remain persistent challenges, especially for tech giants.

This episode is essential for anyone following the evolving intersection of AI, security, and regulatory trends—whether business leaders, IT professionals, or policymakers.

Loading summary

Transcript1 lines

[00:00]
A
Claude goes dark in major Friday outage, and some users say it may have handed them a stranger's conversation. A self spreading worm rips through Microsoft's own code On Friday, a whistleblower says IBM was hacked three times and buried it. Hackers hijack Instagram accounts by simply asking Meta's AI to hand them over. And after years of waiting, Meta Canada finally passes a critical infrastructure cybersecurity law. This is Cybersecurity Today and I'm your host David Shipley. Let's get started. We start with one of the biggest names in AI Anthropic, maker of the Cloud Chatbot. On Friday afternoon, Cloud went down. According to Cyber News, the outage lasted about two hours and hit several of Anthropic's models, including its flagship Opus. At its peak, the Tracksite down detector logged close to a thousand reports in the us an outage alone is sadly routine for Anthropic over the past few months. Here's what made some people nervous during the disruption. A software engineer posted on X that Claude appeared to return another user's response. Someone else's potentially private exchange showing up in their session. That post drew more than a million views. If true, it would be a cross user data leak, exactly the kind of thing that should never happen. Anthropic says it's investigating. The company told Cybernews it has seen no other reports or evidence of customer data leaking. One of its engineers said the cause was an infrastructure outage, not a flaw in how the AI generates answers, and that it would not have touched customer data. Users, however, were split. Some believed cloud really was crossing wires between people. Others figured the chatbot was just producing nonsense. Which AI models can do for a tool this many people and organizations now depend on Reliability is becoming a key part of the story just as they pursue an initial public offering. We've been tracking a threat group called Team PCP since the spring, the Poison Trivi tool, the Cisco Breach, the tainted Axios library, and more. Their self spreading worm is back and it just hit a big target. This time the target was Microsoft. According to the Hacker News, a worm called Miasma hit 73 of Microsoft's own code repositories on GitHub across four of its GitHub accounts, including Azure and Microsoft Docs. GitHub shut down access to the affected repos. Miasma is the latest mutation of a worm Team PCP released back in May, and it's getting nastier. Two things stand out. First, it reinfected a project the group already hit last month Researchers say that's not a coincidence. It means whoever stole the login credentials in May likely never lost them. It's the same wound reopened. Second, the worm now weaponized AI coding assistance. The trap springs when a developer clones an infected project and opens it in an AI coding tool, including Claude Code Cursor and others. The malware runs on its own. Here's why all of this is so hard to stop. The worm doesn't break into npm or GitHub. There's no software flaw here to patch. Instead, it abuses trust. It steals a developer's key, then publishes malicious code that looks completely legitimate. You can patch a vulnerable tool, you can't patch a trust. And open software runs on trust. That's a far deeper hole to climb out of, and we don't have clean, easy answers yet. A former IBM executive says the tech giant was hacked by foreign governments three times and then hit it. The accusation comes from William Barlow. Until 2019, he ran threat intelligence at IBM. He filed a lawsuit back in 2020. It was unsealed last week. Barlow alleges Chinese state hackers broke into IBM's core network between 2013 and 2016. The group is known as APT10. He alleges IBM found out, investigated, and then told no one. Not the public, not the government. In March 2017, intelligence agencies from all five of the Five Eyes countries the United States, the United Kingdom, Canada, Australia and New Zealand warned IBM about the breach. That kicked off an internal probe. The lawsuit alleges that IBM concluded APT10 may have gotten into its network more than 56,000 times, nearly 400 accounts compromised, around 200 systems across 18 countries. IBM is pushing back. It told TechCrunch the complaint is six years old. The Justice Department declined to take it up, and the company is confident it followed the law. None of these allegations have been proven in court. This next story is almost too simple to believe, but it's real. Hackers took over Instagram accounts by just asking Meta's AI chatbot to hand them over. According to TechCrunch, Meta now uses an AI chatbot for customer support. The attacker would tell the bot they owned someone else's account, then asked the bot to link it to an email they controlled. The bot did it. From there, the attacker reset the password and locked the real owner out. No Meta employee was ever involved, no human in the loop. The targets included high profile accounts, among them a senior US Space Force official and reportedly a dormant Obama era White House account, though Meta disputes that one. The big prize was short valuable usernames so called OG handles that get resold like collectibles, Meta said on Monday the problem was fixed by Tuesday. More users reported being hacked. TechCrunch saw hackers in a telegram channel claiming the trick still worked and selling stolen handles. Meta has started emailing victims and forcing password resets. It won't say how many people were hit. Now let me be blunt about the real lesson here. There's a 2025 study out of the University of Pennsylvania's Wharton School called Call Me a Jerk. Researchers ran 28,000 conversations. They found that classic human persuasion tricks flattery claims of authority. Getting the bot to agree to something small first more than doubled an AI chatbot's willingness to break its own rules. Compliance jumped from about a third of the time to requests that it should have refused to nearly three quarters. One tactic hit 100%. You cannot train social engineering out of these chatbots. You cannot stop this with guardrails. They learn from the human language, so they fold to the same pressure people do. It's baked in. So handing a chatbot the power to change accounts or reset passwords is one of the most reckless things an organization can do. Critics have warned about this for years. They keep getting ignored, except by criminals who are putting it to work. Canada finally has a cybersecurity law for critical infrastructure Last Thursday night, the Senate of Canada passed Bill C8. It now goes to the Governor General for royal assent. Full disclosure I've testified about this bill at the House of Commons and the Senate over the last four years in its various forms. I argued passionately for passing it. Here's what C8 does. It sets mandatory cybersecurity rules for four telecommunications, finance, energy and transportation. The government can order telecom companies to drop risky suppliers and pull dangerous gear out of their networks. It forces mandatory cyber incident reporting and Break the rules and you face stiff financial penalties. Some privacy advocates have called this a surveillance bill by stealth. Many cybersecurity experts disagreed, including Aaron Schall, general counsel at the Centre for International Governance Innovation, a Canadian think tank. The argument from the cybersecurity professional side was simple. While the bill isn't perfect, doing nothing while threats keep coming is far worse. Canada was years behind other G7 countries. The privacy Commissioner of Canada flagged broad government powers and what they said were weak rules for sharing data with foreign governments. The University of Toronto's Citizen Lab said the bill still lacked sufficient safeguards. During committee study at the House of Commons, MPs added amendments that would have forced the government to get a judge's sign off before a minister could issue a cybersecurity order. The speaker of the House struck those down, ruling they went beyond what the bill was meant to cover. So those kinds of orders now only face a court after the fact, not before. For cybersecurity advocates, speed was important, particularly when faced with a national cybersecurity critical infrastructure threat. What happens next? Royal Ascent and at least 18 months of writing the actual regulations that will turn the law into reality. That's Cybersecurity Today for Monday, June 8, 2026. Thanks for listening. Thanks for all of your support, for continuously leaving reviews ratings and for sharing the show with others. It truly helps us grow our audience. I'll be back on Wednesday with the latest cybersecurity headlines. Take care and stay safe.