Discover how threat actors exploit the critical CVE-2026-20127 Cisco SD-WAN vulnerability. Learn IoCs, remediation steps, and how penetration testing secures your network.
The Australian Cyber Security Centre has issued urgent warnings about actively exploited vulnerabilities in Microsoft SharePoint Server (CVE-2025-53770) that enable unauthenticated remote code execution. With Chinese state-aligned actors and ransomware groups already compromising Australian organisations, this threat represents an immediate and severe risk to business-critical data and infrastructure.
Across AWS, Google Cloud, and Microsoft Azure environments in Australia and globally, 59% of IAM users maintain access keys that have never expired—credentials that have been active for more than one year. These long-lived credentials represent a silent but catastrophic vulnerability in your cloud infrastructure. This blog explores why long-lived credentials have become the primary attack vector for identity-based breaches, how red teams exploit them during penetration tests, and what you must do today to eliminate this ticking time bomb.
Critical authentication bypass vulnerabilities in Fortinet FortiGate and related products (CVE-2025-59718 and CVE-2025-59719) are now under active attack, allowing "ghost" SSO logins that completely sidestep normal controls and logs. For Australian organisations, this is more than a VPN or firewall problem – it is a board-level exposure that directly tests whether your external penetration testing, internal penetration testing, and red team assessment services are capable of simulating SSO abuse, identity takeovers, and lateral movement across hybrid networks.
A new security flaw called React2Shell (CVE-2025-55182) puts Australian businesses at extreme risk. It has a severity score of CVSS 10.0, which is the highest possible rating. This flaw lets hackers take full control of your servers without needing a password. It affects the popular tools React and Next.js.
In the last 24 hours, the Australian cyber security landscape has been dominated by a concerning breach of the national Early Warning Network and a historic regulatory penalty in the FinTech sector. Simultaneously, technical teams must urgently address critical vulnerabilities in workflow automation tools that power many modern SaaS and AI integrations.
The Australian cyber threat landscape for the last 24 hours has been dominated by a landmark regulatory ruling in the FinTech sector and escalating extortion campaigns targeting education and healthcare. The Federal Court’s decision to impose a $2.5 million penalty on FIIG Securities sets a new precedent for governance failures, signalling that "tick-box compliance" is no longer a viable defence.
As we commence the week, the Australian cybersecurity landscape is dominated by active exploitation of a new vulnerability in the popular SmarterMail platform and a high-profile data disclosure involving Substack. Additionally, the healthcare sector sees a reprieve with the conclusion of the Epworth HealthCare investigation, though the threat level remains critical. This briefing covers the latest intelligence from the last 24-48 hours, essential for decision-makers in Healthcare, SaaS, and Government sectors.
The first week of February 2026 has seen a distinct escalation in targeted campaigns against Australian critical infrastructure and services. This week’s intelligence highlights a sophisticated pivot by threat actors towards human-led attacks on identity systems (SSO) and a resurgence of high-impact ransomware claims in the healthcare sector. Furthermore, critical vulnerabilities in widely used SaaS and collaboration tools demand immediate attention from security teams across the region.
The last 24 hours in the Australian cyber security landscape have been dominated by significant government action against AI platforms and a confusing ransomware situation in the healthcare sector. On 6 February 2026, the Australian Government officially banned DeepSeek from government devices, citing national security concerns and severe vulnerabilities in the model’s safety guardrails. Simultaneously, the healthcare sector is on high alert as conflicting reports emerge regarding a massive data theft at a major Victorian provider.
In the last 24 hours, the Australian cyber threat landscape has been dominated by significant escalations in the Education and Healthcare sectors, alongside critical supply chain compromises affecting widely used software. Of particular concern is the shift in threat actor tactics towards "disruption over data theft," as highlighted by intelligence warnings regarding state-sponsored "cyberthugs." Today’s briefing analyses these developments to help your organisation stay resilient.
As we analyse the cyber threat landscape for the last 24 hours, Australian organisations are facing a convergence of sophisticated ransomware campaigns, rapid exploitation of AI vulnerabilities, and targeted scams against individuals. The Australian Signals Directorate (ASD) and industry leaders have flagged critical developments affecting the Healthcare, SaaS, and Government sectors.
Good morning, Australia. As we analyse the threat landscape for the last 24 hours, it is clear that 2026 is shaping up to be the year where "Agentic AI" risks move from theoretical to catastrophic. Today's briefing highlights a massive exposure in the AI ecosystem, critical zero-days continuously exploited by state-sponsored actors, and a glaring privacy failure in the Australian property sector.
Good morning. Here is your daily deep dive into the Australian cyber threat landscape for the last 24 hours. Today’s briefing highlights a critical security failure in the emerging "AI Agent" economy, a major shift in NSW government compliance, and new vulnerabilities targeting widely used developer tools.
The last seven days (26 January – 02 February 2026) have been defined by a resurgence in high-criticality infrastructure vulnerabilities and evolving nation-state tradecraft. For Australian organisations, the immediate priority is addressing active exploitation of Ivanti Endpoint Manager Mobile (EPMM) zero-days and critical patches for Cisco network infrastructure. Simultaneously, the threat landscape is shifting with reports of North Korean APT groups restructuring their operations, while the healthcare sector faces renewed warnings regarding IT/OT convergence risks.
