A critical 9.8‑rated flaw (CVE-2025-40551) in SolarWinds Web Help Desk is under active exploitation, letting unauthenticated attackers execute remote code and prompting urgent patch orders for government and enterprise users worldwide.
German insurance major HanseMerkur has been targeted by the Russia-aligned Dragonforce ransomware gang, which claims to have stolen 97GB of data. The attack on the €3 billion firm highlights the escalating threat of ransomware to the global financial services and insurance sectors.
San Francisco-based AI startup Fieldguide has closed a $75 million Series C funding round led by Goldman Sachs Alternatives' growth equity group, achieving a $700 million post-money valuation. The raise brings total venture funding to $125 million as the firm expands its AI enterprise platform.
The Rhysida ransomware group has targeted Harbour Town Doctors, a Queensland medical centre, threatening to leak sensitive patient data. The attack highlights the persistent threat of ransomware to the Australian healthcare sector.
Cyber News Centre's cyber update for 17th December 2025: Harbour Town Doctors, has been targeted by the Rhysida ransomware group, which claims to have exfiltrated sensitive patient data. Harbour Town Doctors is a medical centre located in Biggera Waters, Queensland. It provides a range of services including family medicine, a skin cancer clinic, and chronic disease management.
Update: The Rhysida ransomware group has listed Harbour Town Doctors, a medical centre on the Gold Coast, as a victim on its dark net extortion site. The group posted the claim on 11 December, threatening to sell a trove of sensitive patient data for five bitcoin, approximately $137,000 AUD. Low-resolution images shared by the attackers appear to show patient health summaries, medical record transfer requests, and pathology reports, some of which are on the clinic's letterhead. The incident is another example of Rhysida's focus on the healthcare sector, following a string of attacks on medical facilities in the US and a Sydney-based aged care agency in 2024.
The ransomware-as-a-service operation, first observed in mid-2023, is known for its double-extortion tactics, demanding payment for both data decryption and the deletion of stolen information. The group has claimed over 250 victims since its emergence. Harbour Town Doctors has not yet issued a public statement on the alleged breach, leaving patients in the dark about the status of their personal information. The incident underscores the growing threat of ransomware to the Australian healthcare sector and the vulnerability of patient data.
Why it Matters: This attack on a local Australian medical clinic is a stark reminder that the healthcare sector remains a prime target for financially motivated cybercriminals. The potential exposure of highly sensitive patient information, including health summaries and pathology reports, poses a significant risk of identity theft, fraud, and personal distress for affected individuals. For Harbour Town Doctors, the breach could lead to severe reputational damage, regulatory penalties under the Notifiable Data Breaches scheme, and a loss of patient trust. The incident also highlights the need for all healthcare providers, regardless of size, to implement robust cybersecurity measures, including multi-factor authentication, regular system patching, and comprehensive incident response plans to protect against the ever-present threat of ransomware.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
A critical 9.8‑rated flaw (CVE-2025-40551) in SolarWinds Web Help Desk is under active exploitation, letting unauthenticated attackers execute remote code and prompting urgent patch orders for government and enterprise users worldwide.
German insurance major HanseMerkur has been targeted by the Russia-aligned Dragonforce ransomware gang, which claims to have stolen 97GB of data. The attack on the €3 billion firm highlights the escalating threat of ransomware to the global financial services and insurance sectors.
Ivanti has confirmed actively exploited, pre‑authentication remote code‑execution flaws in its Endpoint Manager Mobile platform, allowing attackers to hijack internet‑facing MDM servers, push malicious device profiles, and exfiltrate sensitive mobile data at enterprise scale
The CL0P ransomware gang has breached Podiatry WA, a key Australian healthcare association, as part of a massive 22-victim global attack wave. The incident highlights the escalating threat of data extortion targeting professional services and healthcare sectors across Australia.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
