The Australian Cyber Security Centre has issued urgent warnings about actively exploited vulnerabilities in Microsoft SharePoint Server (CVE-2025-53770) that enable unauthenticated remote code execution. With Chinese state-aligned actors and ransomware groups already compromising Australian organisations, this threat represents an immediate and severe risk to business-critical data and infrastructure.
Across AWS, Google Cloud, and Microsoft Azure environments in Australia and globally, 59% of IAM users maintain access keys that have never expired—credentials that have been active for more than one year. These long-lived credentials represent a silent but catastrophic vulnerability in your cloud infrastructure. This blog explores why long-lived credentials have become the primary attack vector for identity-based breaches, how red teams exploit them during penetration tests, and what you must do today to eliminate this ticking time bomb.
Critical authentication bypass vulnerabilities in Fortinet FortiGate and related products (CVE-2025-59718 and CVE-2025-59719) are now under active attack, allowing "ghost" SSO logins that completely sidestep normal controls and logs. For Australian organisations, this is more than a VPN or firewall problem – it is a board-level exposure that directly tests whether your external penetration testing, internal penetration testing, and red team assessment services are capable of simulating SSO abuse, identity takeovers, and lateral movement across hybrid networks.
A new security flaw called React2Shell (CVE-2025-55182) puts Australian businesses at extreme risk. It has a severity score of CVSS 10.0, which is the highest possible rating. This flaw lets hackers take full control of your servers without needing a password. It affects the popular tools React and Next.js.
A critical vulnerability in Adobe Commerce and Magento (CVE-2025-54236), dubbed "SessionReaper," is being ruthlessly exploited by threat actors using AI-driven tools to automate attacks at machine speed. With the Australian holiday trading season in full swing, this unauthenticated remote code execution (RCE) flaw poses an immediate existential threat to retail and B2B organizations. This alert outlines the mechanics of the attack, the role of AI in its weaponization, and the urgent defensive actions required to prevent a catastrophic data breach.
The Australian cyber threat landscape remains volatile this weekend following a chaotic 48 hours. Security teams across the country are currently responding to a major breach affecting the Victorian education sector and managing the fallout from critical vulnerabilities in Microsoft Windows and workflow automation tools.
The Australian cyber threat landscape for 14 January 2026 is dominated by a critical zero-day vulnerability in Microsoft Windows, actively exploited in the wild, and a confirmed breach of a major ASX-listed resource producer. The Australian Cyber Security Centre (ASD’s ACSC) has also issued fresh guidance on AI security following a surge in attacks targeting workflow automation platforms.
In the last 24 hours, the Australian cyber threat landscape has been dominated by a resurgence of targeted ransomware campaigns against the healthcare sector and critical vulnerability disclosures affecting widely used SaaS automation tools. The Anubis ransomware gang has claimed responsibility for breaching a Queensland medical practice, while a Critical-rated Remote Code Execution (RCE) vulnerability in the n8n workflow automation platform poses an immediate risk to SaaS providers and tech-driven enterprises.
The Australian cyber threat landscape for Monday, 12 January 2026, is dominated by the fallout from the "MongoBleed" vulnerability and a coordinated surge in attacks targeting the healthcare and SaaS sectors. Over the weekend, threat actors have accelerated the weaponisation of critical flaws in workflow automation tools and API gateways. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed intensified scanning activity, and several high-profile domestic breaches have been confirmed.
The Australian Cyber Security Centre has issued urgent warnings about actively exploited vulnerabilities in Microsoft SharePoint Server (CVE-2025-53770) that enable unauthenticated remote code execution. With Chinese state-aligned actors and ransomware groups already compromising Australian organisations, this threat represents an immediate and severe risk to business-critical data and infrastructure.
Welcome to this week's threat briefing. As we settle into 2026, the Australian cyber landscape is already heating up with critical exploits targeting the very automation tools that drive our efficiency. From unauthenticated remote code execution in popular workflow platforms to the industrialisation of AI jailbreaking, this week has highlighted that "set and forget" is no longer a viable security strategy.
The last 24 hours have seen a significant escalation in automated attacks targeting Australian infrastructure, with a marked pivot towards exploiting API logic flaws and AI-integrated systems. Our threat intelligence analysts have observed a coordinated campaign targeting the Healthcare and FinTech sectors, alongside persistent probing of Government IoT endpoints. Below is a detailed analysis of the critical threats observed on 9–10 January 2026.
The first week of 2026 has concluded with a flurry of critical alerts, creating a high-pressure environment for Australian security teams. Over the last 24 hours, the threat landscape has been dominated by a significant memory leak vulnerability in a widely used database system, a high-profile government disclosure, and critical flaws in automation platforms.
The first week of 2026 has delivered a sharp wake-up call to Australian organisations, with critical vulnerabilities exposing the fragility of our digital supply chains and AI infrastructure. Over the last 24 hours, the threat landscape has been dominated by a high-profile insurer breach, a critical database flaw dubbed "MongoBleed", and urgent alerts for government and AI systems.
