Australia’s A$25bn AI wager, Bezos’s leap into “physical AI” and Musk’s push to shift data centres into orbit turned this week into a defining moment in the AI global industrial contest, with the Global South emerging as both proving ground and prize in the new AI steel age.
Vercel confirms a security incident after a compromised third-party AI tool's OAuth token allowed attackers to pivot into internal systems, exposing environment variables and API keys across its platform.
Anthropic is scrambling to contain fresh questions over its Mythos AI after online users reportedly accessed the ultra‑powerful model through previously mapped pathways, sharpening Pentagon supply chain concerns and spooking markets already on edge about AI‑driven cyber risk
Singtel executives fronted a Senate inquiry, categorically denying explosive allegations that a secret ransom was paid to hackers following the massive 2022 Optus data breach that exposed personal information of 9.8 million Australians, amid ongoing inquiry into the telco's operational failures.
Cyber News Centre's cyber update for 13th March 2026: Optus's parent company, Singtel, has fronted a parliamentary inquiry, forcefully denying allegations that it paid a secret ransom to hackers following the catastrophic 2022 data breach.
Optus is Australia's second-largest telecommunications company, providing mobile, internet, and other services to over 11 million customers. It has been a wholly-owned subsidiary of Singaporean telecommunications giant Singtel since 2001.
Update: In a tense Senate committee hearing today, Singtel board directors Gail Kelly and John Arthur unequivocally denied claims that a ransom was paid to the criminals behind the 2022 Optus data breach. The explosive allegation, first reported by The Nightly, suggested senior Australian officials suspected a covert payment was made to prevent the release of 9.8 million customers' data.
The hacker, who initially demanded $1 million, mysteriously withdrew their threats and claimed to have deleted the data. Ms. Kelly told the inquiry,
"Singtel unequivocally, unambiguously says no, no ransom was paid, and similarly, no, no discussion was ever held (by the board) on such a matter."
The executives were appearing as part of a broader inquiry into the September 2025 triple-zero outage, another major operational failure for the telco. The 2022 breach itself stemmed from a simple but critical error: a publicly exposed, unauthenticated API that allowed attackers to scrape customer data unimpeded. The denial of a ransom payment leaves the hacker's sudden change of heart an unresolved mystery, with Ms. Kelly admitting, "We just don't know" why the attacker backed down.
Why it Matters: This public denial under parliamentary privilege puts Singtel's corporate integrity on the line. If evidence of a payment ever surfaced, the reputational and legal fallout would be immense, shattering trust with the Australian public and government.
The allegation itself, reportedly originating from within Australian intelligence circles, highlights a deep-seated mistrust between the government and the foreign-owned critical infrastructure provider. For Australian businesses, this saga is a stark reminder of the lose-lose nature of ransomware. Paying a ransom offers no guarantees and fuels the criminal ecosystem, yet refusing can lead to catastrophic data exposure. The unresolved mystery of the hacker's retreat does little to build confidence in Optus's ability to manage a crisis or be transparent with the public.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Vercel confirms a security incident after a compromised third-party AI tool's OAuth token allowed attackers to pivot into internal systems, exposing environment variables and API keys across its platform.
According to Microsoft’s April 2026 Security Update Guide, the company fixed more than 160 vulnerabilities across Windows, Office and core services, including an actively exploited SharePoint zero‑day and a Defender privilege‑escalation flaw.
The largest DeFi exploit of 2026 has seen $293 million drained from Kelp DAO's LayerZero cross-chain bridge, triggering a $5.4 billion withdrawal panic across the broader ecosystem and exposing critical centralization flaws in modular security.
ShinyHunters has exposed a critical weakness in cloud systems. The McGraw Hill breach shows how misconfigured Salesforce portals enabled large scale data leaks, with no software flaw to fix. This marks a shift toward exploiting common operational gaps rather than rare vulnerabilities.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
