Australia’s A$25bn AI wager, Bezos’s leap into “physical AI” and Musk’s push to shift data centres into orbit turned this week into a defining moment in the AI global industrial contest, with the Global South emerging as both proving ground and prize in the new AI steel age.
Vercel confirms a security incident after a compromised third-party AI tool's OAuth token allowed attackers to pivot into internal systems, exposing environment variables and API keys across its platform.
Anthropic is scrambling to contain fresh questions over its Mythos AI after online users reportedly accessed the ultra‑powerful model through previously mapped pathways, sharpening Pentagon supply chain concerns and spooking markets already on edge about AI‑driven cyber risk
A series of cyber attacks on Australian defence supply chain contractors has exposed sensitive material relating to major weapons programs, including the Redback infantry fighting vehicle.
Cyber News Centre's cyber update for 1st December 2025: A series of cyber attacks on Australian defence supply chain contractors has compromised material relating to Australia's weapons programs.
IKAD Engineering, a key player in the Australian defence industry, and overseas contractors involved in the ADF’s new Redback infantry fighting vehicle programme have been affected. The breaches have exposed sensitive data and highlight significant vulnerabilities in the nation’s defence industry and critical infrastructure.
Update: A series of cyber attacks on defence industry supply chain contractors has exposed threats to Australia's weapons programs. Recently it was revealed that a hacker group shared material about Australia's $7 billion Land 400 military program after allegedly breaching several Israeli defence companies. The Cyber Toufan group posted images and details on Telegram about the Australian Defence Force's (ADF) next-generation Redback infantry fighting vehicle.
Another group, J Group, claimed responsibility for a cyber attack on IKAD Engineering, a key player in the Australian defence industry. The ransomware gang alleges it infiltrated the company's systems for five months, exfiltrating 800GB of data, including information relating to Australian naval contracts, such as the Hunter Class frigate and Collins Class submarine programs. IKAD Engineering chief executive Gerard Dyson confirmed the incident, stating an "external third party" had gained unauthorised access to a portion of its internal IT systems.
Why it Matters: These incidents are a stark reminder of the importance of supply-chain cyber-resilience. The breaches highlight a structural problem in defence and high-security industries: the entire supply chain constitutes the attack surface. Even data that the supplier characterises as “non-sensitive” can hold strategic value.
Metadata, file structure, subcontractor networks, and project timelines may provide malicious actors with a roadmap to more critical systems. The timing of these breaches coincides with heightened warnings from Australia’s intelligence community. The head of ASIO recently stated that state-backed hacking groups are intensifying efforts to infiltrate Australia’s critical infrastructure and defence supply chains.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Vercel confirms a security incident after a compromised third-party AI tool's OAuth token allowed attackers to pivot into internal systems, exposing environment variables and API keys across its platform.
According to Microsoft’s April 2026 Security Update Guide, the company fixed more than 160 vulnerabilities across Windows, Office and core services, including an actively exploited SharePoint zero‑day and a Defender privilege‑escalation flaw.
The largest DeFi exploit of 2026 has seen $293 million drained from Kelp DAO's LayerZero cross-chain bridge, triggering a $5.4 billion withdrawal panic across the broader ecosystem and exposing critical centralization flaws in modular security.
ShinyHunters has exposed a critical weakness in cloud systems. The McGraw Hill breach shows how misconfigured Salesforce portals enabled large scale data leaks, with no software flaw to fix. This marks a shift toward exploiting common operational gaps rather than rare vulnerabilities.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
