Key developments
Elections Alberta injunction follows Centurion voter-data claims
On May 6, the Alberta NDP said caucus staff attended an April 16 Centurion Project online meeting where presenters allegedly used a tool labeled "search electors" to display personal voter details, including information tied to former premier Jason Kenney. The dispute comes after Elections Alberta obtained a court injunction against the separatist group and said it had misused the province's electors list, which contains nearly three million adults' names, addresses and phone numbers. Alberta RCMP and Elections Alberta are both investigating, while the UCP says its staff believed the data shown was legally obtained.
Why it matters
The case raises the possibility that a large provincial voter database was improperly accessed or repurposed, with political staff now tied to the meeting where it was shown.
Sources & driving stories
YAHOO
Yahoo coverageTHE GUARDIAN
The Guardian coverageInstructure confirms Canvas breach, ShinyHunters claims theft
Instructure said it experienced a cybersecurity incident in early May affecting Canvas, after limited service disruption appeared on April 30 and a customer notice followed on May 1. On May 2, the ShinyHunters group claimed on Tor to have stolen 3.65 terabytes, while Instructure said the exposed data included names, email addresses, student ID numbers and user messages. The company said it found no evidence that passwords, dates of birth, government identifiers or financial information were compromised, and it restored Canvas Data 2 and Canvas Beta by May 4.
Why it matters
Canvas is widely used across schools and organizations, so even a limited data exposure can create broad phishing and privacy fallout.
Sources & driving stories
CLAIM DEPOT
Claim Depot coverageTECHRADAR
TechRadar coverageMicrosoft says phishing stole tokens from 35,000 users
Microsoft disclosed a mid-April phishing campaign that targeted more than 35,000 users across 26 countries, with 92% of victims in the United States and most targets in healthcare and finance. Attackers used fake code-of-conduct emails, PDF links, fake Cloudflare CAPTCHA pages and a Microsoft sign-in flow to run an adversary-in-the-middle attack that captured authentication tokens in real time. Microsoft said the technique worked even when multifactor authentication was enabled.
Why it matters
The campaign shows how token theft can bypass MFA at scale and expose account access across multiple sectors.
Sources & driving stories
SECURITY AFFAIRS · Pierluigi Paganini
Security Affairs coverageWorth noting
WORTH NOTING
Meta rolls out age-scanning AI
Meta is expanding automated age inference on Facebook and Instagram by analyzing photos, videos and engagement signals, which raises fresh concerns about passive scanning and false positives.
WORTH NOTING
Vimeo breach exposed 119,000 users
A third-party vendor compromise expanded into a Vimeo privacy incident affecting 119,000 users and underscores supply-chain exposure risk.
Still unclear
OPEN QUESTION
Who else accessed Alberta voter data?
The injunction and investigation have not yet established the full scope of access, so the number of people who saw or copied the electors data remains unresolved.
OPEN QUESTION
Were Microsoft tokens reused after theft?
Microsoft said the phishing chain bypassed MFA, but the downstream account impact from captured tokens has not been detailed.