Good morning, Australia. As we analyse the threat landscape for the last 24 hours, it is clear that 2026 is shaping up to be the year where "Agentic AI" risks move from theoretical to catastrophic. Today's briefing highlights a massive exposure in the AI ecosystem, critical zero-days continuously exploited by state-sponsored actors, and a glaring privacy failure in the Australian property sector.
Here is your daily deep dive into the threats that matter most to Australian organisations today.
🚨 Top Story: The "Moltbook" AI Agent Leak
Sectors Impacted: SaaS, AI, EdTech, FinTech
Over the last 24 hours, the cybersecurity community has been rocked by the exposure of Moltbook, a platform dubbed the "Reddit for AI Agents." A misconfigured database left 150,000 AI Agent API keys and login tokens publicly accessible.
- The Threat: This is not just a data breach; it is an identity breach for autonomous systems. Attackers can use these stolen keys to hijack AI agents, forcing them to execute fraudulent transactions, exfiltrate sensitive corporate data, or launch phishing attacks from "trusted" AI accounts.
- Why it Matters: If your organisation is integrating third-party AI agents or building "Vibe Coding" projects without rigorous security audits, you are likely exposed. This incident underscores the critical need for Non-Human Identity Management (NHIM).
🔍 Sector-Specific Threat Intelligence
Government & Critical Infrastructure
- Operation Neusploit (APT28): Russian state-sponsored actors are actively exploiting a zero-day in Microsoft Office (CVE-2026-21509).
- Attack Vector: Malicious RTF documents.
- Impact: This vulnerability allows remote code execution (RCE) on unpatched systems. Despite Microsoft rushing a patch late last month, exploitation rates have surged in the last 48 hours targeting government entities and defence contractors.
- NSW Strategy Update: On a positive note, the NSW Government has released a new cyber strategy mandating 24-hour incident reporting and a "secure-by-design" approach. We expect federal agencies to follow suit shortly.
SaaS & eCommerce (Mobile Focus)
- React Native "Metro4Shell" (CVE-2025-11953): A critical RCE vulnerability (CVSS 9.8) in the React Native CLI is being exploited in the wild.
- The Risk: Many Australian eCommerce and FinTech mobile apps rely on this framework. Threat actors are using this flaw to deliver base64-encoded PowerShell scripts, bypassing Defender to execute arbitrary commands.
- Action: DevSecOps teams must verify their build pipelines and dependencies immediately.
Healthcare & Real Estate
- Property Data Exposed: A new report from Guardian Australia has revealed that major Australian rental platforms are exposing millions of lease documents via predictable, non-authenticated URLs.
- Relevance: While this hits Real Estate directly, the methodology (Insecure Direct Object Reference or IDOR) is rampant in Healthcare patient portals and EdTech platforms.
- Check: Ensure your web applications enforce strict authorisation checks on every document access request. "Security through obscurity" (randomised URLs) is not security.
Enterprise & IoT
- Ivanti EPMM Zero-Days (CVE-2026-1281 & CVE-2026-1340): CISA has set a deadline of this week for federal agencies to patch these critical code injection vulnerabilities.
- Impact: Unauthenticated attackers can execute commands on Endpoint Manager Mobile gateways. This is a primary vector for lateral movement into IoT networks and corporate mobile fleets.
🛠 Technical Vulnerability Watchlist
| CVE ID | Severity | Description | Status |
|---|---|---|---|
| CVE-2026-21858 | Critical | n8n Workflow Automation RCE. Unauthenticated attackers can access sensitive files and execute code. | Exploited in Wild |
| CVE-2026-21509 | High | Microsoft Office RCE. Exploited by APT28 via RTF files. | Patch Immediately |
| CVE-2025-11953 | Critical | React Native CLI RCE. Impacting mobile app supply chains. | Active Attacks |
🛡️ Recommendations for CISOs & Security Teams
- Rotate AI Secrets: If your teams use Moltbook or similar "Agentic" platforms, rotate all associated API keys immediately.
- Hunt for RTF Files: Block `.rtf` attachments at the email gateway or enforce strict sandboxing until the Microsoft patch (CVE-2026-21509) is verified across your fleet.
- Audit Web Assets for IDOR: The rental platform leak is a wake-up call. Test your APIs to ensure that changing a document ID in the URL does not grant access to another user's data.
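The per-request authorisation check from the IDOR items above, as an added example that is not code from the rental platforms or from any source cited in this briefing. The lease store, the `Session` type and all function names are hypothetical, and the sample data is constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Lease:
    owner: str   # tenant the lease belongs to
    agency: str  # managing agency whose staff may read it
    body: str

@dataclass(frozen=True)
class Session:
    user: str
    agency: str = ""  # set only for agency staff

class Forbidden(Exception):
    pass

# Constructed sample store: sequential IDs, i.e. a predictable URL space.
LEASES = {
    1001: Lease("alice", "agency-a", "Lease for 1 Example St"),
    1002: Lease("bob", "agency-b", "Lease for 2 Example St"),
}

def get_lease_vulnerable(session, doc_id):
    """IDOR: the ID in the URL is the only 'credential'; the session is ignored."""
    if doc_id not in LEASES:
        raise Forbidden("not found")
    return LEASES[doc_id].body

def get_lease(session, doc_id):
    """Object-level authorisation, evaluated on every request."""
    lease = LEASES.get(doc_id)
    allowed = session is not None and lease is not None and (
        session.user == lease.owner
        or (session.agency != "" and session.agency == lease.agency)
    )
    if not allowed:
        # Same answer for "missing" and "not yours", so replies do not reveal valid IDs.
        raise Forbidden("not found or not permitted")
    return lease.body

def cross_user_reads(fetch, session, own_id, doc_ids):
    """Regression check: IDs other than own_id that this tenant session can read."""
    leaked = []
    for doc_id in doc_ids:
        if doc_id == own_id:
            continue
        try:
            fetch(session, doc_id)
            leaked.append(doc_id)
        except Forbidden:
            pass
    return leaked
```

Running `cross_user_reads` against your own handlers in CI, with a tenant session and a range of IDs, turns the "change the document ID" test into a repeatable regression check.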
The speed at which AI agents are being compromised and weaponised is the defining challenge of 2026. Do not let your automated workforce become an adversary's entry point.
Contact us for a quote for penetration testing service or adversary simulation.

