Latest Analysis
Cybersecurity intelligence, threat analysis, and national security reporting.

Bolstering AI Resilience Across Cloud and Data Environments
As AI agents and copilots increasingly access, share, and store enterprise data, organisations in Australia and New Zealand face a pressing question: can they keep their data secure and recoverable in this new landscape? The integration of agentic AI and copilots is expanding data pathways, creating new operational risks that demand attention to visibility, protection, and recovery readiness.

Australia Launches $7.8 Billion Submarine Life Extension Program
Australia is investing $7.8 billion to breathe new life into its fleet of six Collins-class submarines, extending their service until the 2040s and ensuring the country's naval edge remains sharp. The life-extension program will see the state-owned company ASC carry out the work, bridging the gap to the arrival of nuclear-powered submarines.

Device Security Must Complement Identity to Thwart Modern Threats
Authentication is no longer enough to guarantee security - even with multi-factor authentication in place, phishing kits can capture session tokens, allowing attackers to bypass security checks undetected. As a result, device security must step up to complement identity and prevent modern threats.

GitHub Breach Exposes Internal Repositories
GitHub has confirmed a cyber incident that exposed its internal repositories, sparking concerns about the security of code and sensitive data. The breach raises questions about the potential impact on users and the measures being taken to prevent future incidents.

Drupal Rushes Security Fix to Plug High-Risk Bug
Drupal is rushing out a critical security update today to fix a high-risk bug that could be exploited by hackers within hours of the patch being released. The update is a core security release aimed at plugging a vulnerability that poses a significant threat to users.

Webworm APT Expands European Reach with Evolved Tactics
Meet Webworm, a China-aligned APT group that's now setting its sights on European governments and beyond, with a semi-opportunistic approach that's taken its targets to Belgium, Italy, Poland, Serbia, Spain, and even South Africa. This threat actor's evolved tactics signal a concerning expansion of its reach.

AI Botnets Fuel DDoS Surge in Financial Sector
The financial sector saw a staggering 2.41 billion network- and transport-layer denial-of-service attacks in 2025, with banking bearing the brunt, accounting for 60% of total web attacks and over 80% of API-related incidents. TurboMirai, a powerful AI botnet, was a key driver of this alarming surge, fueling attacks that lasted a whopping 738% longer than usual.

GitHub Hit by Internal Repo Breach via Malicious VS Code Extension
GitHub's internal repositories were breached after a malicious Visual Studio Code extension was used to launch the attack, but thankfully, customer data appears to be safe. The incident has left users wondering what else may have been compromised.

Exploit Released for PinTheft Linux Flaw
A critical Linux flaw, dubbed PinTheft, has been exploited, allowing local attackers to gain root privileges on affected systems through a complex vulnerability in the Reliable Datagram Sockets (RDS) code. This security gap can be triggered by a specific interaction between RDS zerocopy and io_uring fixed buffers.

Typosquatting Evolves Into Supply Chain Threat
Typosquatting has morphed into a sinister supply chain threat, with attackers now embedding malicious lookalike domains within legitimate third-party scripts to intercept sensitive data. This alarming evolution has led to devastating attacks, such as the Trust Wallet compromise, where 2,500 wallets were drained in just 48 hours.

GitHub Breach Exposes 3800 Internal Repositories to Malicious VS Code Extension
GitHub's security team swiftly contained a breach that exposed 3,800 internal repositories to a malicious VS Code extension, and immediately took action to prevent further damage. The company has completed critical secret rotations and is now meticulously analyzing logs to ensure the incident is fully resolved.

Met Police Surveillance Exposes Data Requests Surge
The Metropolitan Police made a staggering 700,000+ requests to tech companies in 2025 to access private communications data, helping officers solve crimes, find missing people, and gather crucial intelligence. This massive surge in data requests highlights the force's growing reliance on digital information to keep London safe.

Microsoft Mitigates YellowKey BitLocker Bypass Exploit with New Guidance
Microsoft has stepped in to squash a newly revealed BitLocker bypass exploit, dubbed YellowKey, by releasing crucial guidance to protect users from potential attacks. This security move comes after a researcher demonstrated how the exploit could spawn a shell with unrestricted access to sensitive data.

Barracuda Warns of CypherLoc Scareware Targeting Millions
Millions of users are under attack by the CypherLoc scareware, with Barracuda researchers tracking around 2.8 million attacks since January 2026 alone. This staggering number reveals a coordinated and widespread campaign that's putting tens of millions of people at risk.

Vulnerability Exploits Overtake Credentials as Top Breach Entry Point
For the first time in nearly two decades, exploiting vulnerabilities has surpassed compromised credentials as the top breach entry point, accounting for 31% of data breaches over the past year. This significant shift suggests that threat actors are adapting their tactics, and defenders must follow suit.

GitHub Breach Exposes 3,800 Repos via Malicious VSCode Extension
GitHub recently uncovered a sneaky attack involving a tainted VS Code extension that compromised an employee's device, putting 3,800 repositories at risk. The breach was quickly contained, but not before some internal repositories were exfiltrated.

Microsoft Discloses Mitigations for YellowKey Windows Zero-Day Vulnerability
Microsoft has issued urgent guidance to mitigate a newly publicized Windows zero-day vulnerability, dubbed YellowKey, which could allow attackers to bypass security features. The tech giant is working on a fix, but in the meantime, it's urging users to follow its interim guidance to stay protected.

Grafana GitHub Breach Exposes Source Code in TanStack npm Attack
Grafana Labs recently reported a security breach that exposed source code and internal data, but fortunately, there's no evidence that customer production systems were compromised. The breach, detected on May 11, was confined to the company's GitHub environment and involved both public and private source code and internal repositories.

GitHub Probes Internal Breach Claimed by TeamPCP Hackers
GitHub is investigating a possible internal breach after a hacking group claimed unauthorized access to its repositories. The company says it has no evidence that customer data has been compromised so far.

GitHub Probes Breach Claim by TeamPCP Hackers
GitHub is investigating a security breach claim by hackers TeamPCP, who allegedly stole around 4,000 of the platform's internal repositories and put the source code up for sale for a hefty $50,000. The company has already sprung into action, detecting and containing the breach and taking steps to mitigate the risk.

Iran War Fractures US-European Strategic Alliance
As US and Israeli strikes on Iran intensified, Spain's Prime Minister Pedro Sánchez boldly declared, "We are a sovereign country that does not wish to take part in illegal wars," effectively shutting the door on US forces at Naval Station Rota and the Morón Air Base. This move sparked a stern warning from President Donald Trump, threatening a full trade embargo on Spain.

Ukraine Deploys Ground Robots in Combat, Shifts Front Line Dynamics
Meet the game-changing Droid TW 12.7, a remote-controlled ground robot that single-handedly defended a crucial intersection for 45 days, repelling enemy attacks and safeguarding Ukrainian lives. With its operator safely positioned 10 kilometers away, this robotic hero successfully disrupted every attempted breakthrough, proving to be a powerful force on the front lines.

DZYNE Unveils BlitzBox Containerized Drone Launch System
Meet BlitzBox, a game-changing containerized drone launch system that pairs a small, modular fixed-wing drone with a stealthy shipping-container launcher, offering unparalleled flexibility in electronic warfare and deception operations. This innovative system cruises at 40-75 knots, packing a powerful punch with its adaptable payload and endurance capabilities.

Army Transformation Initiative Under Review Amid Funding Concerns
Defense Secretary Pete Hegseth is hitting the pause button on the Army Transformation Initiative, admitting that while some aspects are promising, others require a closer look. The move has sparked questions from lawmakers and military leaders about the future of the Army's overhaul.