A global coalition led by Microsoft and Europol has dismantled the Tycoon 2FA phishing-as-a-service platform, a major criminal enterprise that enabled attackers to bypass multi-factor authentication and compromise nearly 100,000 organisations worldwide.
Jensen Huang's GTC 2026 reframed the AI race entirely: agentic AI, physical intelligence, orbital data centres and self-driving platforms have replaced benchmark wars. On the All-In podcast he tackled AI's PR crisis head-on. NVIDIA is building the infrastructure backbone of the next global economy.
Stryker is rebuilding after a cyberattack that wiped about 80,000 devices via a compromised Intune admin account, with up to 50TB of data reportedly exfiltrated. As US systems face similar probes, Australia is exposed, increasing pressure on boards to tighten cyber controls and readiness.
Melbourne-based fleet management firm Netstar Australia has been hit by the Blackshrantac ransomware group in a data extortion attack, underscoring rising cyber risks in the telematics sector that handles sensitive GPS data for government and critical infrastructure operators.
Cyber News Centre's cyber update for 18th December 2025: Melbourne-based fleet management provider Netstar Australia has been targeted by the Blackshrantac ransomware group in a data extortion attack.
Netstar Australia is a Melbourne-based technology company specialising in GPS telematics and fleet management solutions. The company provides services to a diverse range of sectors across Australia, including government and critical infrastructure operators, with over two decades of experience in the industry.
Update: The Blackshrantac ransomware group, a data extortion actor first seen in September 2025, has claimed responsibility for a cyberattack on Melbourne-based Netstar Australia. The incident, discovered on December 17, 2025, is a data extortion attack, where the primary threat is the public release of stolen sensitive information rather than data encryption.
Blackshrantac operates as a data broker, using double extortion tactics to pressure victims into paying a ransom. The group has been linked to over 30 attacks globally since its emergence. While the full extent of the data compromised in the Netstar breach has not been disclosed, the company's services involve collecting and managing extensive telematics data, including real-time vehicle location, driver behaviour, and operational intelligence for its clients.
This attack follows a pattern of recent strikes by the group against various international targets, indicating a rapid and aggressive operational tempo. The incident places Netstar Australia among a growing list of victims as the threat actor continues to expand its activities, targeting organisations across multiple sectors and geographies. The attack was first reported by cybersecurity intelligence firm HookPhish, which tracks ransomware group activities.
Why it Matters: The attack on Netstar Australia highlights a significant and growing threat to the telematics and fleet management sector. These companies are custodians of highly sensitive data, including the real-time location of vehicles and assets for government agencies and critical infrastructure operators. A breach in this sector does not just represent a corporate data loss; it creates a national security risk. Compromised GPS tracking data could expose operational details of sensitive convoys, disrupt supply chains, and provide hostile actors with intelligence on the movement of critical assets.
The incident underscores vulnerabilities common in the automotive and telematics industry, where interconnected systems and third-party contractor dependencies create a broad attack surface. As threat actors like Blackshrantac focus on data extortion, the value of telematics data as a leverage point for ransom demands increases, making providers like Netstar a high-value target for cybercriminals.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
A global coalition led by Microsoft and Europol has dismantled the Tycoon 2FA phishing-as-a-service platform, a major criminal enterprise that enabled attackers to bypass multi-factor authentication and compromise nearly 100,000 organisations worldwide.
Stryker is rebuilding after a cyberattack that wiped about 80,000 devices via a compromised Intune admin account, with up to 50TB of data reportedly exfiltrated. As US systems face similar probes, Australia is exposed, increasing pressure on boards to tighten cyber controls and readiness.
Google has issued an emergency patch for a high-severity zero-day (CVE-2026-3910) in its V8 JavaScript engine, which is being actively exploited in the wild. The flaw allows arbitrary code execution, posing a significant risk to billions of Chrome users globally, including in Australia.
The Iran Israel confrontation is expanding into cyberspace. A cyberattack linked to pro Iran hackers disrupted medical technology giant Stryker, highlighting how geopolitical conflict can now spill directly into hospitals, businesses and supply chains across the connected global economy.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
