Close-up of a brass padlock resting on an illuminated green circuit board with visible traces and solder points

Today in Surveillance:

  • The TrapDoor supply chain attack poisoned AI coding assistants. Attackers planted hidden instructions in CLAUDE.md and .cursorrules files across 34 malicious packages on npm, PyPI, and Crates.io, tricking AI tools into silently stealing developer credentials, crypto wallets, and SSH keys.
  • ShinyHunters breached the European Commission, 7-Eleven, and Vimeo in a single month. The group stole 350GB from the EU's cloud systems, exposed 185,000 7-Eleven applicants' Social Security numbers, and leaked 119,000 Vimeo users' data, all through third-party vendor compromises.
  • Canada's encryption backdoor bill is triggering a tech exodus. Shopify's CEO called Bill C-22 a potential "death blow to Canadian tech viability." VPN providers NordVPN and Windscribe are threatening to leave the country entirely.
  • Trump pulled his AI cybersecurity executive order at the last minute. The order would have required companies to submit frontier AI models for government security testing 14–90 days before public release. Trump said it "could have been a blocker" to American competitiveness.
  • The EFF published a playbook for fighting government surveillance in the Americas. The guide provides concrete steps governments can take to curb arbitrary digital surveillance, using Inter-American human rights guarantees.
  • FISA Section 702 expires in 16 days. The Senate still hasn't acted on the House's 3-year reauthorization bill. The warrant requirement for searching Americans' data remains the sticking point.

Hackers Are Poisoning Your AI Coding Assistant (and You'd Never Know)

Here's a new attack vector that should make every developer uncomfortable: hackers figured out they can weaponize the files your AI coding assistant reads for context.

Socket identified the campaign on May 22, 2026. Attackers published 34 malicious packages across more than 384 versions on npm, PyPI, and Crates.io in rapid waves. The packages had names designed to look legitimate (prompt-engineering-toolkit, solidity-deploy-guard, defi-threat-scanner), targeting developers in crypto, DeFi, Solana, and AI communities [1].

The clever part: the packages dropped .cursorrules and CLAUDE.md files containing hidden instructions embedded with zero-width Unicode characters. These files are parsed by AI coding assistants like Claude Code and Cursor to understand project context. When the assistant reads the poisoned instructions, it runs what looks like a "security scan" but actually exfiltrates local secrets, AWS tokens, GitHub credentials, SSH keys, and crypto wallet keystores [1][2].

The attackers didn't stop there. They filed pull requests against major open-source AI repositories (LangChain, LlamaIndex, MetaGPT, OpenHands, and Langflow) with titles like "docs: add .cursorrules with dev standards and build verification." If merged, those PRs would have poisoned every developer who cloned those repos [1][2].

The shared npm payload, trap-core.js (48,485 bytes), specifically validated stolen AWS and GitHub tokens before exfiltrating them. It established persistence through cron jobs, systemd services, Git hooks, and SSH-based lateral movement [1].

Socket detected the malicious releases with a median time of 5 minutes and 27 seconds. Traditional vulnerability scanners? Zero results across all 34 packages, because none had any prior vulnerability history to flag [2].

What you should do: Audit your project directories for unexpected .cursorrules or CLAUDE.md files. Review any recently accepted PRs that added "developer standards" files. Check your dependencies against Socket's published list of the 34 compromised packages.

ShinyHunters' May Rampage: The European Commission, 7-Eleven, and Vimeo

ShinyHunters had a busy month. The financially-motivated extortion group, responsible for prior attacks on Ticketmaster, AT&T, and Salesforce, breached at least three major targets in May alone, and the common thread is third-party vendors.

European Commission: 350GB Stolen

ShinyHunters stole 350 gigabytes of data from the European Commission's cloud network, including mail server dumps, databases, confidential documents, contracts, full SSO user directories, DKIM signing keys, AWS config snapshots, and internal admin URLs. They published 90GB on their Tor leak site before the Commission even finished investigating [3].

The Commission claims internal systems weren't compromised (only the external Europa.eu platform), but that distinction matters less when your email server dumps are on the dark web. Officials said they would "continue to monitor the situation" and work to strengthen cybersecurity capabilities. Reassuring [3].

7-Eleven: 185,000 People Exposed

7-Eleven confirmed hackers breached a system used to store franchise applicant documents on April 8. The damage: names, dates of birth, email addresses, phone numbers, physical addresses, Social Security numbers, and driver's license numbers for 185,300 people [4][5].

ShinyHunters claims they grabbed over 600,000 records total after breaking into 7-Eleven's Salesforce environment. When the company refused to pay ransom, the group leaked a 9.4GB archive on their dark web site. 7-Eleven is offering 24 months of identity theft protection, with an enrollment deadline of August 1, 2026 [4][5].

Vimeo: 119,000 Users

Vimeo confirmed a breach affecting 119,000 users after ShinyHunters exploited its third-party analytics provider Anodot, the same Israeli AI analytics platform that was the entry point for the Zara breach (197,000 customers) earlier this year. ShinyHunters leaked 106GB of stolen data including email addresses and metadata [6].

The pattern is obvious: ShinyHunters isn't breaking into these companies directly. They're compromising the vendors those companies trust (Anodot, Salesforce instances, cloud analytics providers) and pivoting from there. If your company uses third-party analytics or CRM platforms, your attack surface is their security posture. For the bigger picture, see our guide to supply chain attacks in 2026.

Canada's Bill C-22 Is Driving Tech Companies Out of the Country

The opposition to Canada's Bill C-22, the Lawful Access Act, keeps growing, and it's not just privacy advocates anymore. The tech industry is threatening to leave.

Shopify CEO Tobi Lütke posted bluntly on X: "C-22 is looking like a huge mistake. It worries me a great deal. There is so much nonsense in there that it may well end up dealing a death blow to Canadian tech viability" [7].

VPN providers are already planning exits. Windscribe said it would relocate headquarters outside Canadian jurisdiction rather than log user data. NordVPN warned it would pull its operational presence from Canada before compromising its no-logs policy. Signal has repeatedly said it will leave Canada entirely rather than build encryption backdoors [7][8].

The EFF published a detailed analysis on May 26 calling C-22 "a repackaged version of last year's surveillance nightmare," referring to Bill C-2, which was abandoned after public backlash. The EFF's core objections: forced metadata retention for a full year, ministerial power to compel companies to build law enforcement backdoors (while claiming they won't create "systemic vulnerabilities"), and gag orders preventing companies from disclosing these demands [9].

The U.S. House Judiciary and Foreign Affairs committees sent a joint letter to Canada's Minister of Public Safety warning that backdoors in encrypted systems would endanger American citizens' privacy. Michael Geist, a Canadian law professor and tech policy expert, compared the government's dismissal of industry concerns to "the disastrous Online News Act playbook" [7][10].

Apple's position hasn't changed: "This legislation could allow the Canadian government to force companies to break encryption by inserting backdoors into their products: something Apple will never do" [10].

Related: Canada's Bill C-22: The Encryption Backdoor That Could Break the Internet | UK and Sweden's Encryption Backdoor Push

Trump Killed His Own AI Cybersecurity Executive Order: Here's What It Would Have Done

On May 21, President Trump abruptly pulled a planned executive order on AI cybersecurity just hours before the signing ceremony. The reason? He thought it might get in the way of winning the AI race [11].

"I didn't like certain aspects of it," Trump told reporters. "We're leading China, we're leading everybody, and I don't want to do anything that's going to get in the way of that leading" [11][12].

The order would have created a federal process for evaluating frontier AI models before public release. The key provision: companies would have submitted advanced models to the government 14 to 90 days before launch for security testing. The Office of the National Cyber Director would have led the evaluations [11][12].

The unofficial reason for the delay, per Axios: not enough tech CEOs could make it to Washington for the photo op on short notice [12].

The timing is notable. Anthropic's Mythos model and OpenAI's GPT-5.5 Cyber have both demonstrated the ability to rapidly identify and exploit security vulnerabilities: exactly the kind of capability the executive order was designed to evaluate before it hit the public [11]. Instead, there's no federal process for pre-release AI security review, and no timeline for when one might exist.

The EFF Just Published a Playbook for Fighting Government Surveillance in the Americas

On May 26, the Electronic Frontier Foundation released "Tackling Arbitrary Digital Surveillance in the Americas," a guide that uses Inter-American Human Rights System guarantees to lay out concrete steps governments should take to curb surveillance abuses [13].

The guide addresses a specific problem: poor accountability, weak oversight mechanisms, and insufficient legal frameworks have led to systematic human rights violations across the Americas, with no consistent remedy for victims. As governments ramp up "national security" justifications, digital surveillance technologies are being normalized [13].

The EFF's Cindy Cohn, who appeared on The Daily Show the same week, framed the publication as part of a broader push: the organization also released "Your Privacy Shouldn't Be A Corporate Decision" and "Online Tracking Isn't Just Unethical: It's Dangerous" in the same period [13].

The guide is available free at eff.org.

FISA 702 Expires in 16 Days. Congress Still Can't Agree on Warrants.

Section 702 of the Foreign Intelligence Surveillance Act expires June 12, 16 days from today, and the Senate hasn't voted on a long-term solution.

Here's where things stand: Congress passed a 45-day extension on April 30 to buy more time. The House already passed a 3-year reauthorization 235–191, but it attached a ban on Central Bank Digital Currency that's complicating Senate passage. The bipartisan SAFE Act, which would require warrants for searches of Americans' communications, hasn't gained enough traction [14][15].

The core dispute hasn't changed: reformers want the FBI to get a warrant before searching Americans' emails, calls, and texts collected under 702. The intelligence community says that requirement would create an "operational gap." Privacy groups (EPIC, the Brennan Center, and 5Calls) are running campaigns pushing the warrant requirement [14][15].

If Section 702 expires, the government loses the authority to compel companies to provide foreign intelligence data, but any surveillance orders already in effect continue until their annual renewal dates. The real deadline pressure is political, not operational.

Related: FISA 702: Two Bills, No Warrants, and a June Deadline | The SAFE Act Is Back: What the Bipartisan FISA Reform Bill Would Actually Do | FISA 702: The 45-Day Extension and the June Deadline

What to Watch

  • June 1–3: Gartner Security & Risk Summit in National Harbor, MD. Expect announcements on enterprise AI security posture.
  • June 12: FISA Section 702 expiration deadline. The Senate must act or pass another extension.
  • June 30: T-Mobile breach credit monitoring enrollment deadline. If you were affected by the March 2026 breach, sign up for free TransUnion monitoring before it closes.
  • ShinyHunters: Their victim list keeps growing: European Commission, 7-Eleven, Vimeo, Zara, Instructure, Rockstar Games, and more. Third-party vendor security is the common failure point. Audit your vendor relationships.
  • Canada C-22: Committee hearings continue. Watch for more tech industry defections and whether the government modifies the backdoor provisions under economic pressure.

References

  1. The Hacker News: TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO
  2. Socket: TrapDoor Crypto Stealer Supply Chain Attack Hits 34 Packages
  3. Silicon Republic: ShinyHunters claims responsibility for European Commission breach
  4. Bleeping Computer: 7-Eleven data breach exposes personal information of 185,000 people
  5. SecurityWeek: 7-Eleven Data Breach Confirmed After ShinyHunters Ransom Demand
  6. The Register: ShinyHunters claims 119K Vimeo emails in the wild
  7. GlobeNewsWire: Yanik Guillemette Warns Bill C-22 Could Trigger a Major Tech Investment Exodus From Canada
  8. MacRumors: Apple Warns Canada's Bill C-22 Could Force Encryption Backdoors
  9. EFF: Canada's Bill C-22 Is a Repackaged Version of Last Year's Surveillance Nightmare
  10. Michael Geist: Bill C-22's Groundhog Day
  11. TechCrunch: Trump delays AI security executive order
  12. Axios: Why Trump's AI executive order was pulled
  13. EFF: We Must Not Normalize Digital Surveillance Abuses
  14. Brennan Center: Section 702 of FISA: 2026 Resource Page
  15. NPR: Congress extends FISA 702 surveillance program for 45 days