Discover how threat actors exploit the critical CVE-2026-20127 Cisco SD-WAN vulnerability. Learn IoCs, remediation steps, and how penetration testing secures your network.
The Australian Cyber Security Centre has issued urgent warnings about actively exploited vulnerabilities in Microsoft SharePoint Server (CVE-2025-53770) that enable unauthenticated remote code execution. With Chinese state-aligned actors and ransomware groups already compromising Australian organisations, this threat represents an immediate and severe risk to business-critical data and infrastructure.
Across AWS, Google Cloud, and Microsoft Azure environments in Australia and globally, 59% of IAM users maintain access keys that have never expired—credentials that have been active for more than one year. These long-lived credentials represent a silent but catastrophic vulnerability in your cloud infrastructure. This blog explores why long-lived credentials have become the primary attack vector for identity-based breaches, how red teams exploit them during penetration tests, and what you must do today to eliminate this ticking time bomb.
Critical authentication bypass vulnerabilities in Fortinet FortiGate and related products (CVE-2025-59718 and CVE-2025-59719) are now under active attack, allowing "ghost" SSO logins that completely sidestep normal controls and logs. For Australian organisations, this is more than a VPN or firewall problem – it is a board-level exposure that directly tests whether your external penetration testing, internal penetration testing, and red team assessment services are capable of simulating SSO abuse, identity takeovers, and lateral movement across hybrid networks.
A new security flaw called React2Shell (CVE-2025-55182) puts Australian businesses at extreme risk. It has a severity score of CVSS 10.0, which is the highest possible rating. This flaw lets hackers take full control of your servers without needing a password. It affects the popular tools React and Next.js.
In the last 24 hours, the Australian cyber threat landscape has been dominated by sophisticated abuse of AI infrastructure and targeted identity attacks. A new report released today highlights how threat actors are weaponising legitimate AI hosting platforms to distribute malware, bypassing traditional perimeter defences. Simultaneously, the FinTech and SaaS sectors are facing a resurgence of human-led phishing campaigns targeting Single Sign-On (SSO) credentials.
The Australian cyber threat landscape has undergone a distinct shift in the last 24 hours. New intelligence released yesterday indicates that threat actors are moving away from traditional malware infections, favouring direct network-based attacks to exploit exposed edge infrastructure. As Australian organisations race to integrate AI, privacy governance is struggling to keep pace, creating new blind spots in real-time data protection.
Welcome to today's threat briefing. As we approach the end of January, the Australian cyber landscape is seeing significant shifts in government policy and active exploitation of education and financial sectors. Below is a deep dive into the critical threats, incidents, and vulnerabilities observed over the last 24 hours.
The Australian cyber threat landscape over the last 24 hours has been dominated by a significant data breach within the Victorian education sector and the emergency disclosure of critical vulnerabilities affecting widespread enterprise tools. Threat actors are actively exploiting zero-day vulnerabilities in Microsoft Office and Zoom, while a new supply chain attack targeting developers using AI tools has been uncovered. Australian organisations, particularly in Government, Education, and FinTech, must prioritise patching and threat hunting immediately.
The Australian cyber threat landscape has intensified significantly over the last 24 hours, with critical developments impacting the healthcare, retail, and SaaS sectors. Today’s briefing highlights a new zero-day exploit in Microsoft Office, a confirmed breach at a major fertility provider, and the emergence of "World Leaks" targeting global brands with Australian operations.
As the nation observes Australia Day, the cyber threat landscape over the last 24 hours has been anything but quiet. While many organisations are operating with skeleton staff due to the public holiday, threat actors are actively leveraging this window to exploit critical vulnerabilities in widely used infrastructure. Our analysts have observed a convergence of physical and digital threats, with heightened hacktivist chatter targeting government entities and continued fallout from the massive Victorian education sector breach.
The Australian cyber threat landscape has seen significant activity over the last 24 hours, with major developments across the FinTech and SaaS sectors. From regulatory crackdowns on financial platforms to novel attacks targeting AI systems, organisations must remain vigilant. Below is a deep dive into the most critical threats, exploited vulnerabilities, and industry updates relevant to Australian businesses today.
The Australian cyber threat landscape remains volatile this weekend following a chaotic 48 hours. Security teams across the country are currently responding to a major breach affecting the Victorian education sector and managing the fallout from critical vulnerabilities in Microsoft Windows and workflow automation tools.
The Australian cyber threat landscape for 14 January 2026 is dominated by a critical zero-day vulnerability in Microsoft Windows, actively exploited in the wild, and a confirmed breach of a major ASX-listed resource producer. The Australian Cyber Security Centre (ASD’s ACSC) has also issued fresh guidance on AI security following a surge in attacks targeting workflow automation platforms.
