This week has seen a critical escalation in the Australian cyber threat landscape, dominated by a maximum-severity vulnerability in a widely used web framework and significant breaches in the Defence and Education sectors. The Australian Cyber Security Centre (ACSC) has issued urgent alerts, and organisations across all sectors—particularly those using React-based web applications—must take immediate action. Here is your deep dive into the threats, incidents, and vulnerabilities shaping the last 7 days (01–07 December 2025).

This week has seen a significant escalation in cyber activity targeting Australian critical infrastructure and supply chains. The most alarming development is a confirmed breach of a major Defence contractor, potentially exposing sensitive naval data. Simultaneously, a sophisticated campaign by the "Scattered Lapsus$ Hunters" group is aggressively targeting SaaS platforms, with Qantas and Zendesk users in the crosshairs. As we approach the holiday season, a new report warns that ransomware operators are leveraging Generative AI to time attacks for weekends and public holidays, specifically targeting periods of reduced staffing in Security Operations Centres (SOCs).