Cybersecurity Knowledge Base

Welcome to the Lean Security Knowledge Base. This is our home for expert, actionable insights drawn from over 17 years of hands-on, real-world penetration testing.

We go beyond generic advice to give you the practical, in-the-field guidance you need to secure your platform, build trust with your clients, and meet your compliance goals (like ISO 27001, PCI DSS, and tender requirements).

Latest Threat Briefings & Analysis

Our feed of the latest Australian threat intelligence, new adversary TTPs, and compliance updates.

Featured

Nov 26, 2025

SessionReaper & BFCM: Why Penetration Testing Services Are Critical (CVE-2025-54236)

Nov 26, 2025

A critical vulnerability in Adobe Commerce and Magento (CVE-2025-54236), dubbed "SessionReaper," is being ruthlessly exploited by threat actors using AI-driven tools to automate attacks at machine speed. With the Australian holiday trading season in full swing, this unauthenticated remote code execution (RCE) flaw poses an immediate existential threat to retail and B2B organizations. This alert outlines the mechanics of the attack, the role of AI in its weaponization, and the urgent defensive actions required to prevent a catastrophic data breach.

Nov 26, 2025

Nov 12, 2025

CISA Alert: LANDFALL Spyware Hits Australian BYOD Devices

Nov 12, 2025

A zero-click vulnerability, CVE-2025-21042, in millions of Samsung devices is being actively exploited to install "LANDFALL," a commercial-grade spyware. This threat, now on CISA's KEV catalog , transforms an executive's personal device into a silent corporate surveillance tool, completely bypassing your MDM and EDR. For Australian organisations with BYOD policies, this is a critical, reportable data breach scenario under the NDB scheme.

Nov 12, 2025

Oct 25, 2025

Beyond the Patch: Why the Actively Exploited WSUS Vulnerability (CVE-2025-59287) Demands a Red Team Response in Australia

Oct 25, 2025

Actively exploited WSUS flaw CVE-2025-59287 (CVSS 9.8) threatens Australian businesses. Patching isn't enough. See why red teaming is essential to validate your security.

Oct 25, 2025

Browse by Topic

Find the expert content most relevant to your technology and compliance goals.

Vulnerability Deep Dives

Technical breakdowns of the flaws we find in the wild. We explain the risk, the exploit, and the code-level fix.

Vulnerability Deep Dives

Nov 18, 2025

API Security

Nov 18, 2025

(BOLA, BFLA, Mass Assignment, JWT Flaws)

Nov 18, 2025

Cloud Security

Nov 18, 2025

(AWS S3 Leaks, Azure IAM Misconfigurations, GCP Container Escapes)

Nov 18, 2025

OTT Security

Nov 18, 2025

(Insecure Data Storage, Root/Jailbreak Detection Bypass, Hardcoded API Keys)

Nov 18, 2025

Web Application

Nov 18, 2025

(OWASP Top 10, Business Logic Errors, XSS, SQLi)

Nov 18, 2025

Industry & Market Security

Tailored security strategies for your specific sector's compliance and threat landscape.

eCommerce Security Australia | Protecting Your Online Store & Customer Data

Retail and Online Shops

A comprehensive guide to eCommerce application security for Australian businesses. Learn how threat modelling and penetration testing protect your revenue, customer data, and reputation.

SaaS Security Australia | From Startup to Enterprise-Ready

SaaS Applications Security

A guide to SaaS application security for Australian founders and CTOs. Learn how to meet ISO 27001/SOC 2 compliance, secure your multi-tenant architecture, and accelerate enterprise sales.

Healthcare Application Security | Patient Trust & Compliance in Australia

Healthcare Applications Security

Lean Security helps medical and healthcare device providers by simply ensuring that the mobile applications that payers, patients and doctors are using are completely protected from attacks and that the environment in which mobile applications are running has not be compromised.

FinTech and Payments Penetration Testing 2025.png

Penetration Testing for Financial Services & FinTech

Penetration Testing for Financial Services & FinTech

Lean Security provides specialised penetration testing for the financial services sector in Australia. We help banks, wealth managers & FinTechs secure apps, meet regulatory compliance & protect client data.

IoT Security Australia | Protecting Your Connected Devices in 2025

IoT Devices Security
If IoT devices’ are not secured, it is likely it can be used for improper operation and exposure of personal information which leads to loss and theft such that of identities, personal and financial information and more. Lean Security will help to mitigate the risks.

OTT penetration testing

Penetration Testing for OTT and Digital Media

Protect your streaming content & user data. We offer expert OTT penetration testing for APIs, Smart TV apps, CDNs & cloud infra.

Education & EdTech

Penetration Testing for Education & EdTech

Specialised penetration testing for Australian universities, schools, and EdTech platforms. Protect student data, secure research IP, and ensure platform reliability. Contact our Sydney team.

Government Penetration Testing & ISM Compliance

Government Penetration Testing & ISM Compliance

Specialist penetration testing for Australian government agencies. We help federal, state & local sectors secure citizen data, meet ISM/PSPF compliance & protect critical services.

weekly threat reports

Our feed of the latest Australian threat intelligence, new adversary TTPs, and compliance updates.

Featured

Dec 4, 2025

Daily Threat Briefing: Ransomware Surge & Critical React Flaw Hits Australian Networks

Dec 4, 2025

The last 24 hours have seen a significant escalation in cyber activity targeting Australian critical infrastructure and commercial sectors. The Australian Cyber Security Centre (ACSC) has issued a critical alert regarding a vulnerability in React Server Components, while ransomware groups have successfully breached targets across the Government, Defence, and FinTech sectors. Today's briefing analyses these active threats, highlighting a disturbing trend of supply chain compromises and API misconfigurations that are leaving organisations exposed.

Dec 4, 2025

Dec 3, 2025

Daily Threat Briefing: Defence Supply Chain Breach, AI RCEs & Critical Telco Fines

Dec 3, 2025

As we settle into December, the Australian cyber threat landscape is already heating up. In the last 24 hours, we’ve seen a major breach in the Defence supply chain, significant regulatory action against a local telco for anti-scam failures, and the discovery of a critical vulnerability in a widely used AI inference engine. For security teams across Healthcare, FinTech, and Government, today’s briefing highlights the critical need for supply chain vigilance and rigorous identity verification.

Dec 3, 2025

Dec 2, 2025

Daily Threat Briefing: Australia – 02 December 2025

Dec 2, 2025

The last 24 hours have seen a significant surge in ransomware activity and critical infrastructure targeting across Australia. The Australian Cyber Security Centre (ACSC) and industry watchdogs have issued multiple alerts regarding active exploitation of network edge devices. Prominent threat actors, including KillSec, Space Bears, and RipperSec, have claimed successful breaches against Australian targets in the Government, FinTech, and Education sectors. Organisations are urged to prioritise patching critical vulnerabilities in Cisco and Microsoft infrastructure immediately, as threat actors are weaponising these flaws for initial access.

Dec 2, 2025

Dec 1, 2025

Australian Cyber Threat Briefing: Record DDoS, SaaS Supply Chain Risks, and Holiday Scams

Dec 1, 2025

As we enter December, the Australian cyber threat landscape has escalated sharply. In the last 24 hours, security teams across the nation have faced a convergence of sophisticated state-sponsored activity, record-breaking DDoS attacks, and targeted supply chain compromises. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and global intelligence feeds indicate a critical surge in threats targeting SaaS environments and healthcare infrastructure. This briefing covers the most significant threats, threat actors, and vulnerabilities identified over the weekend and into today, specifically tailored for Australian organisations.

Dec 1, 2025

Nov 30, 2025

Daily Threat Briefing: Australia’s Holiday Cyber Surge & Critical Sector Alerts

Nov 30, 2025

As we wrap up the Black Friday weekend and move into the holiday season, the Australian cyber threat landscape has seen a significant escalation in activity over the last 24 hours. Our deep dive into the latest intelligence reveals a coordinated surge in campaigns targeting the government, healthcare, and retail sectors. Advanced Persistent Threats (APTs) and opportunistic criminal gangs are leveraging AI-driven automation to exploit new vulnerabilities in web applications and APIs. Click to get a more detailed breakdown of the critical threats, exploited vulnerabilities, and active threat actors impacting Australian organisations today.

Nov 30, 2025

Ready to Secure Your Platform?

Our insights are based on our real-world testing. If you're ready to go beyond theory and get a practical, expert-led assessment for your platform, we're here to help.