Discover how threat actors exploit the critical CVE-2026-20127 Cisco SD-WAN vulnerability. Learn IoCs, remediation steps, and how penetration testing secures your network.
The Australian Cyber Security Centre has issued urgent warnings about actively exploited vulnerabilities in Microsoft SharePoint Server (CVE-2025-53770) that enable unauthenticated remote code execution. With Chinese state-aligned actors and ransomware groups already compromising Australian organisations, this threat represents an immediate and severe risk to business-critical data and infrastructure.
Across AWS, Google Cloud, and Microsoft Azure environments in Australia and globally, 59% of IAM users maintain access keys that have never expired—credentials that have been active for more than one year. These long-lived credentials represent a silent but catastrophic vulnerability in your cloud infrastructure. This blog explores why long-lived credentials have become the primary attack vector for identity-based breaches, how red teams exploit them during penetration tests, and what you must do today to eliminate this ticking time bomb.
Critical authentication bypass vulnerabilities in Fortinet FortiGate and related products (CVE-2025-59718 and CVE-2025-59719) are now under active attack, allowing "ghost" SSO logins that completely sidestep normal controls and logs. For Australian organisations, this is more than a VPN or firewall problem – it is a board-level exposure that directly tests whether your external penetration testing, internal penetration testing, and red team assessment services are capable of simulating SSO abuse, identity takeovers, and lateral movement across hybrid networks.
A new security flaw called React2Shell (CVE-2025-55182) puts Australian businesses at extreme risk. It has a severity score of CVSS 10.0, which is the highest possible rating. This flaw lets hackers take full control of your servers without needing a password. It affects the popular tools React and Next.js.
In the last 24 hours, the Australian cyber threat landscape has been dominated by a significant supply chain compromise within the Defence sector and a surge in AI-enabled social engineering campaigns targeting the FinTech and Healthcare industries. Threat actors are increasingly leveraging third-party vulnerabilities to bypass hardened perimeters, necessitating an immediate review of vendor access privileges.
The last 24 hours have seen a significant escalation in the Australian cyber threat landscape. The Federal Government has moved from defence to offence with landmark sanctions against Russian cybercrime infrastructure, while the private sector grapples with active zero-day exploitation across major enterprise platforms. From defence contractors to healthcare providers, no sector has been left untouched this week.
Here is your deep dive into the threats shaping the Australian cyber environment today.
The Australian cyber threat landscape has intensified over the last 24 hours with significant geopolitical moves and critical infrastructure attacks. The Federal Government, in coordination with the US and UK, has officially sanctioned Russian "bulletproof" hosting providers facilitating ransomware campaigns against Australian targets. Meanwhile, the defence supply chain is under scrutiny following a confirmed breach at a major naval contractor, and network defenders are racing to patch actively exploited zero-days in Fortinet and Citrix appliances.
Here is your daily deep dive into the threats shaping our digital environment.
