The Australian cyber threat landscape has seen significant volatility in the last 24 hours. The primary focus for security teams today is the catastrophic "React2Shell" vulnerability (CVE-2025-55182), which is actively being exploited to deploy cryptocurrency miners and backdoors across Australian cloud environments. Simultaneously, the healthcare and education sectors are under heavy fire, with a major breach disclosed by the University of Sydney and a confirmed ransomware attack on fertility provider Genea.

The last 24 hours have exposed significant fragility in Australia’s Healthcare and Education sectors, with a major audit revealing systemic security bypasses in NSW Health and a fresh data breach hitting the University of Sydney. Globally, critical vulnerabilities in Fortinet’s cloud infrastructure and React server components are demanding immediate patching cycles. This briefing summarises the key threats, incidents, and vulnerabilities impacting Australian organisations today.

As we approach the holiday shutdown period, the Australian cyber threat landscape has intensified significantly over the last 24 hours. The standout threat is the rapid weaponisation of the React2Shell (CVE-2025-55182) vulnerability, which is currently being exploited in the wild by state-sponsored actors and botnets alike. Additionally, the University of Sydney has confirmed a data breach impacting historical records, reminding the Education sector that non-production environments remain a critical risk vector.

In the last 24 hours, the Australian cybersecurity landscape has been dominated by the rapid escalation of the "React2Shell" (CVE-2025-55182) campaign and critical alerts regarding Fortinet authentication bypasses. Threat actors, particularly those with a Chinese nexus, are actively exploiting these vulnerabilities across the SaaS and Government sectors. Additionally, high-profile supply chain incidents impacting major AI providers like OpenAI highlight the growing fragility of the artificial intelligence ecosystem.

In the last 24 hours, the Australian cyber landscape has been dominated by urgent warnings regarding a maximum-severity vulnerability in the React framework, fresh ransomware concerns targeting Queensland healthcare providers, and significant developments in AI security governance. The Australian Cyber Security Centre (ACSC) and global partners continue to highlight the aggressive targeting of critical infrastructure by state-sponsored and opportunistic threat actors.

The Australian cyber threat landscape has intensified significantly over the last 24 hours. The Australian Cyber Security Centre (ACSC) and global intelligence firms have issued urgent alerts regarding a perfect storm of critical vulnerabilities. Foremost among these is "React2Shell"—a CVSS 10.0 vulnerability in the React framework—and a severe authentication bypass in Fortinet appliances. Simultaneously, ransomware groups are aggressively targeting Australian organisations, with confirmed breaches in the FinTech and Healthcare sectors. The Chaos and Qilin ransomware gangs have claimed responsibility for major data exfiltration events, highlighting the persistent threat to sensitive personally identifiable information (PII) and financial records.

The Australian cyber threat landscape has reached a critical juncture in the last 24 hours. The primary focus for all security teams today is the rapid weaponisation of the ‘React2Shell’ vulnerability (CVE-2025-55182), which is actively being exploited by Chinese state-sponsored actors and cybercriminal syndicates to compromise web applications across the SaaS, FinTech, and Government sectors. Simultaneously, the healthcare sector faces a renewed supply chain crisis following a breach at a major IT services provider.

The Australian cyber threat landscape for the last 24 hours has been dominated by the critical "React2Shell" vulnerability and the fallout from December’s "Patch Tuesday". State-sponsored actors and ransomware groups are moving with speed to exploit these new vectors. Additionally, a new report highlights a disturbing rise in data leakage through enterprise AI tools, impacting Australian SaaS and FinTech sectors heavily.

The last 24 hours have been particularly turbulent for Australian cyber defenders, marked by a critical "Act Now" alert for Fortinet appliances and a significant Patch Tuesday release from Microsoft involving exploited zero-days. As we move deeper into December, the threat landscape is dominated by the exploitation of edge devices and a worrying new trend of vulnerabilities in AI-assisted development tools. The Australian Cyber Security Centre (ACSC) has escalated warnings regarding authentication bypass flaws in Fortinet products, while fresh data reveals Australian organisations are currently the world’s most targeted for ransomware. Here is your deep dive into the threats impacting Healthcare, FinTech, Government, and SaaS providers over the past 24 hours.

The Australian cyber threat landscape has intensified significantly over the last 24 hours. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has issued a joint advisory regarding pro-Russia hacktivist groups targeting critical infrastructure. Simultaneously, a critical vulnerability in a widely used web development framework has put SaaS and eCommerce platforms on high alert. Our analysis today highlights a major breach in the Defence supply chain, a fresh ransomware attack on the retail sector, and emerging risks involving AI agents in identity infrastructure.