23rd July 2025 Cyber Update: Healthcare Data Breach and Interlock Ransomware Warning

Australian IVF provider Genea confirms a cyberattack that exposed sensitive patient data on the dark web. Meanwhile, CISA and FBI issue a joint advisory on escalating Interlock ransomware attacks targeting virtual machines across North America and Europe.

Cyber News Centre’s cyber update for 23rd July 2025: Australian fertility provider Genea has confirmed a cyberattack that exposed patient data, now circulating on the dark web. Meanwhile, U.S. agencies warn of rising Interlock ransomware attacks targeting virtual machines across North America and Europe.

1. Genea IVF Data Breach Prompts Supreme Court Action

Genea, one of Australia’s leading fertility specialists, provides IVF and reproductive health services across multiple clinics. Its systems contain sensitive medical and personal data for thousands of patients undergoing fertility treatments.

The Update and Why It Matters

Update: In February 2025, Genea experienced a sophisticated cyberattack that compromised its patient management systems. Hackers gained unauthorized access to highly sensitive reproductive health data. On February 26, the company obtained a Supreme Court injunction to prevent the use or spread of the stolen information.

However, Genea only began contacting affected patients a few days ago, more than five months after the breach. Patients received late-night emails revealing that their personal information, including medical diagnoses and clinical records, had been published on the dark web by ransomware groups. The breach affected critical systems that stored medical histories, fertility treatment records, identification documents, and contact information across multiple clinic locations.

“Genea has concluded its investigation into the cyber incident which impacted our organisation in February. This included a comprehensive analysis of the data published on the dark web to identify impacted individuals and the personal information relating to them,” Genea said in a statement.

Why it Matters: Healthcare data breaches carry long-term privacy consequences, especially in reproductive medicine where the information is deeply personal. Exposure of this data can affect future insurance coverage, employment prospects, and personal relationships. The five-month delay in notifying patients increased the risk, leaving individuals unaware that their data was already circulating on the dark web.

Although the Supreme Court injunction showed that legal protections are available, it was not enough to prevent the leak. This incident reveals major weaknesses in data protection across Australia’s healthcare system. It highlights the urgent need for stronger cybersecurity, faster breach response, and immediate notification protocols. Once trust is lost due to delayed disclosure, it can take years to rebuild and may seriously impact a clinic's reputation and operations.


2. CISA and FBI Issue Joint Warning on Interlock Ransomware Campaign

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is America's national coordinator for critical infrastructure security and resilience, working alongside the Federal Bureau of Investigation (FBI) to protect against cyber threats. Together, these agencies issue joint advisories to warn organizations about emerging ransomware threats targeting critical infrastructure and business operations across North America and Europe.

The Update and Why It Matters

Update: CISA, FBI, HHS, and MS-ISAC issued a joint cybersecurity advisory on July 22, 2025, warning of escalating Interlock ransomware attacks targeting businesses and critical infrastructure organizations across North America and Europe. The ransomware variant, first observed in late September 2024, employs sophisticated double extortion tactics, encrypting virtual machines while exfiltrating sensitive data to pressure victims into paying ransoms. Interlock actors use uncommon initial access methods including drive-by downloads from compromised legitimate websites and ClickFix social engineering techniques that trick victims into executing malicious payloads under the guise of system repairs.

The ransomware specifically targets virtual machine environments across Windows and Linux operating systems, leaving physical hosts and workstations currently unaffected. Ransom notes provide unique victim codes and require contact through Tor browser .onion URLs, with no initial payment demands specified. The financially motivated threat actors demonstrate opportunistic targeting patterns, focusing on organizations based on accessibility rather than specific sector preferences.

Why it Matters: This joint advisory represents a significant escalation in ransomware threat warnings, highlighting Interlock's sophisticated approach to virtual machine targeting and unconventional attack vectors. The focus on virtual machine encryption poses unique challenges for enterprise security teams, as traditional endpoint protection may not adequately monitor VM environments. The double extortion model amplifies organizational risks by combining operational disruption through encryption with reputational and regulatory consequences from potential data exposure.

Healthcare and critical infrastructure sectors face particular vulnerabilities due to their reliance on virtualized systems for essential services. The use of drive-by downloads from legitimate compromised websites makes detection significantly more challenging than traditional phishing campaigns. Organizations must urgently reassess their virtual machine security postures, implement robust endpoint detection and response capabilities for VM environments, and enhance user training to recognize ClickFix social engineering tactics. The multi-agency warning underscores the threat's severity and potential for widespread impact across critical infrastructure sectors.

