Upgrade from annual pen tests to continuous penetration testing services in Australia. Discover 2026 red teaming trends, PTaaS, and expert security assessments.
Discover how threat actors exploit the critical CVE-2026-20127 Cisco SD-WAN vulnerability. Learn IoCs, remediation steps, and how penetration testing secures your network.
The Australian Cyber Security Centre has issued urgent warnings about actively exploited vulnerabilities in Microsoft SharePoint Server (CVE-2025-53770) that enable unauthenticated remote code execution. With Chinese state-aligned actors and ransomware groups already compromising Australian organisations, this threat represents an immediate and severe risk to business-critical data and infrastructure.
Across AWS, Google Cloud, and Microsoft Azure environments in Australia and globally, 59% of IAM users maintain access keys that have never expired—credentials that have been active for more than one year. These long-lived credentials represent a silent but catastrophic vulnerability in your cloud infrastructure. This blog explores why long-lived credentials have become the primary attack vector for identity-based breaches, how red teams exploit them during penetration tests, and what you must do today to eliminate this ticking time bomb.
Critical authentication bypass vulnerabilities in Fortinet FortiGate and related products (CVE-2025-59718 and CVE-2025-59719) are now under active attack, allowing "ghost" SSO logins that completely sidestep normal controls and logs. For Australian organisations, this is more than a VPN or firewall problem – it is a board-level exposure that directly tests whether your external penetration testing, internal penetration testing, and red team assessment services are capable of simulating SSO abuse, identity takeovers, and lateral movement across hybrid networks.
Welcome to today's threat briefing for 25 March 2026. As a senior penetration tester actively engaged in defending Australian networks, I am observing an unprecedented level of volatility in our local threat landscape. Over the last 24 hours, adversary behaviour has demonstrated a rapid shift towards exploiting misconfigured cloud environments, weaponising artificial intelligence, and aggressively targeting critical supply chains.
As a senior penetration tester, I continually analyse the tactics, techniques, and procedures (TTPs) deployed against Australian organisations. Over the last 24 hours, our threat intelligence and incident response telemetry have highlighted a highly volatile landscape. We are witnessing aggressive automated exploitation of cloud environments, rampant API abuse, and novel attacks against integrated AI systems. The 2026 Armis Cyberwarfare Report recently noted that Australia is experiencing a surging volume of cyberwarfare attacks, underscoring the urgent need for a proactive, "assume breach" mentality.
As a senior penetration tester analysing adversary behaviour on the frontlines, I am observing an unprecedented level of volatility in the Australian cyber threat landscape. The window between vulnerability disclosure and active exploitation has collapsed to mere days, if not hours. Over the last 24 hours, threat actors have escalated their weaponisation of artificial intelligence, heavily exploited cloud misconfigurations, and capitalised on critical zero-day vulnerabilities across multiple key industries.
As a senior penetration tester actively analysing adversary behaviour and responding to frontline incidents, I am tracking a highly volatile threat landscape across Australia. Over the past 24 hours, our telemetry and threat intelligence indicate that the window between vulnerability disclosure and active exploitation has collapsed to mere days. Threat actors are rapidly weaponising artificial intelligence, exploiting cloud misconfigurations, and capitalising on critical web application and API vulnerabilities.
As a senior penetration tester actively analysing adversary behaviour and responding to frontline incidents, I am tracking a highly volatile threat landscape across Australia. Over the past 24 hours leading up to 20 March 2026, our telemetry and incident response engagements reveal a collapse in the window between vulnerability disclosure and active exploitation. Threat actors are aggressively weaponising artificial intelligence, exploiting misconfigured cloud environments, and capitalising on critical web application and API vulnerabilities.
As a senior penetration tester actively analysing adversary behaviour and frontline incident telemetry, I am tracking a highly volatile threat landscape across Australia. The newly released 2026 Armis Cyberwarfare Report (published today, 19 March 2026) highlights a sharp 72% rise in nation-state activity targeting Australian entities over the last year. Concurrently, the window between vulnerability disclosure and active exploitation has collapsed to mere days. Adversaries are aggressively exploiting misconfigured cloud environments, weaponising generative AI, and capitalising on critical API vulnerabilities to bypass traditional perimeter defences.
As of 18 March 2026, the Australian cyber threat landscape continues to escalate, marked by highly destructive attacks, aggressive exploitation of zero-day vulnerabilities, and the rapid weaponisation of AI by sophisticated threat actors. With the Federal Court recently imposing a landmark AUD 2.5 million penalty against an Australian financial services firm for cybersecurity governance failures, organisations across the nation are under immense regulatory and operational pressure to mature their cyber defences.
As of 17 March 2026, the Australian cyber threat landscape is escalating at an unprecedented pace, driven by highly sophisticated threat actors exploiting novel vulnerabilities across cloud, AI, and API environments. As a senior penetration tester, I spend my days simulating these exact adversary behaviours to uncover weaknesses before they are weaponised. Over the last 24 hours, we have observed a significant uptick in targeted attacks against critical Australian sectors, compounded by the rapid exploitation of newly disclosed Common Vulnerabilities and Exposures (CVEs).
As a senior penetration tester actively analysing adversary behaviour and responding to frontline incidents, I am tracking an exceptionally volatile threat landscape across Australia today, 16 March 2026. Over the past 24 hours, the window between vulnerability disclosure and active exploitation has collapsed from weeks to mere hours. We are observing threat actors aggressively weaponising artificial intelligence, exploiting cloud misconfigurations, and capitalising on critical zero-day vulnerabilities to bypass traditional perimeter defences. With Australia’s mandatory ransomware reporting laws in full enforcement and the new Cyber Security (Security Standards for Smart Devices) Rules 2025 officially active this month, the stakes for Australian organisations have never been higher.
As a senior penetration tester actively analysing adversary behaviour and responding to frontline incidents, I am tracking a highly volatile threat landscape across Australia today. Over the past 24 hours, the window between vulnerability disclosure and active exploitation has collapsed to mere days. We are seeing threat actors rapidly weaponising artificial intelligence, exploiting cloud misconfigurations, and capitalising on critical zero-day vulnerabilities.
