Another week, another frontier model. As Anthropic’s Claude Opus 4.7 chases enterprise depth and OpenAI turns ChatGPT, GPT‑6 and GPT‑Rosalind into the ambient verbs of digital work and lab science, the contest is no longer IQ scores. It is which unseen layer we quietly let sit beneath institutions.
ShinyHunters has exposed a critical weakness in cloud systems. The McGraw Hill breach shows how misconfigured Salesforce portals enabled large scale data leaks, with no software flaw to fix. This marks a shift toward exploiting common operational gaps rather than rare vulnerabilities.
Anthropic’s Mythos clampdown, April’s record Patch Tuesday and Nvidia’s Blackwell‑to‑Rubin GPU roadmap mark a turning point in cyber defence, exposing how deeply allied nations now rely on US‑controlled, agentic AI to detect and counter zero‑day threats.
The Victorian Department of Education has confirmed a major data breach affecting all 1700+ government schools. Hackers accessed the names, emails, and encrypted passwords of current and former students, impacting potentially hundreds of thousands of individuals just weeks before the new school year
Cyber News Centre's cyber update for 15th January 2026: The Victorian Department of Education has confirmed a major data breach impacting all 1700 of its government schools, with the personal information of current and former students accessed by an unauthorised third party.
Update: The Victorian Department of Education has disclosed that an unauthorised third party breached its systems, gaining access to a database containing the personal information of current and former students across all 1,700 government schools.
The incident, which reportedly occurred weeks ago but was announced yesterday, was initiated through a compromised school network. The exposed data includes student names, school-issued email addresses, year levels, and encrypted passwords. The department has confirmed that more sensitive information, such as dates of birth, home addresses, and phone numbers, was not compromised. In response, all student passwords have been reset as a precautionary measure, temporarily blocking access to school accounts. New credentials will be issued to senior VCE students as a priority, with all other students receiving them at the start of the 2026 school year.
The department is working with cybersecurity experts and other government agencies to investigate the incident and has disabled the attack vector to prevent further access. There is currently no evidence to suggest the stolen data has been publicly released or shared with other malicious actors. The timing of the disclosure is critical, coming just weeks before students are scheduled to return to classrooms.
Why it Matters: This breach represents a significant failure to protect the sensitive data of a large and vulnerable population. The exposure of student names and email addresses, even without more detailed personal information, creates a substantial risk of targeted phishing campaigns and other social engineering attacks against students, their families, and school staff.
The timing, just before the school year begins, maximises potential disruption and creates a logistical challenge for the department in securely re-issuing credentials for hundreds of thousands of students. The incident also erodes public trust in the government's ability to secure critical digital infrastructure, particularly within the education sector.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
ShinyHunters has exposed a critical weakness in cloud systems. The McGraw Hill breach shows how misconfigured Salesforce portals enabled large scale data leaks, with no software flaw to fix. This marks a shift toward exploiting common operational gaps rather than rare vulnerabilities.
Booking.com confirms hackers accessed customer names, emails, addresses, and booking details via third-party compromise. Stolen data is already fuelling targeted WhatsApp phishing attacks, exposing deep supply chain vulnerabilities in global travel platforms.
Anthropic’s rise is no longer about models, but control. As it embeds across enterprise, leaked code reveals deep telemetry, remote overrides and emerging autonomy. Industry leaders warn the same systems reshaping business may amplify cyber risk beyond current defences.
Anthropic’s rapid push into enterprise AI and its $30B raise signal a new phase where autonomous systems drive both productivity and cyber risk. As AI executes tasks at machine speed, markets, governments and workers face a sharper question: who controls the systems now shaping outcomes.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
