The Everest ransomware group has breached ASRock Rack, a major server hardware vendor, stealing 509GB of sensitive data including firmware, BIOS, and other critical files. The breach creates a significant supply chain risk, potentially allowing attackers to embed vulnerabilities in server hardware.
Berlin-based GeneralMind, founded by the team behind German unicorn Razor Group, has secured $12 million in pre-seed funding to develop its AI-driven "System of Action" for automating enterprise workflows. The platform acts as an autopilot for repetitive white-collar tasks across ERPs and email.
A newly disclosed vulnerability in Schneider Electric's Foxboro DCS, a widely used industrial control system, could allow attackers to disrupt critical infrastructure operations. The flaw, originally from Intel, affects energy and manufacturing sectors worldwide, including Australia.
The Everest ransomware group has breached ASRock Rack, a major server hardware vendor, stealing 509GB of sensitive data including firmware, BIOS, and other critical files. The breach creates a significant supply chain risk, potentially allowing attackers to embed vulnerabilities in server hardware.
Cyber News Centre's cyber update for 23rd January 2026: ASRock Rack has been breached by the Everest ransomware group, exposing critical server hardware data and creating a significant supply chain risk.
ASRock Rack Inc., the enterprise server hardware subsidiary of Taiwanese manufacturer ASRock, was listed on the Everest ransomware group's dark web leak site on January 21, 2026. Established in 2013, the company specialises in cloud computing server hardware, including motherboards, servers, and storage solutions used in data centers worldwide.
Update: The Everest ransomware group, a Russian-speaking cybercriminal entity known for data exfiltration and access brokering, claims to have stolen a 509-gigabyte database from ASRock Rack. The stolen data reportedly includes highly sensitive technical documentation, firmware, software, BIOS files, diagnostic and installation tools, and Baseboard Management Controller (BMC) firmware. Everest has threatened to publish the full data set within nine days if its demands are not met, though no public ransom amount has been specified. The group provided screenshots of file trees as proof, with keywords like "data centre" and "diag" suggesting the authenticity of the stolen material.
This incident is part of a recent wave of attacks by Everest, which also targeted McDonald's India and an ASUS supplier. The group has a history of evolving its tactics, moving from simple data exfiltration to full-scale ransomware and, more recently, focusing on data-only extortion. This attack on a core hardware vendor highlights the increasing focus of ransomware groups on high-value enterprise targets with the potential for widespread downstream impact. The exfiltration of low-level hardware and firmware files represents a significant escalation in the group's operational capabilities and strategic targeting.
Why it Matters: This breach extends beyond a typical data leak and poses a severe supply chain risk to organizations globally, including in Australia, that rely on ASRock Rack server hardware. With access to firmware and BIOS-related material, attackers could potentially embed hidden vulnerabilities or backdoors directly into the hardware's core software. Malicious actors could repackage these authentic-looking drivers and firmware updates for malicious distribution, creating a trusted entry point into secure networks.
This incident serves as a critical reminder that the security of the digital supply chain is only as strong as its weakest link, and a compromise at the hardware level can undermine layers of software-based security, creating persistent and hard-to-detect risks for enterprise and government infrastructure.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
A newly disclosed vulnerability in Schneider Electric's Foxboro DCS, a widely used industrial control system, could allow attackers to disrupt critical infrastructure operations. The flaw, originally from Intel, affects energy and manufacturing sectors worldwide, including Australia.
Microsoft has issued an emergency patch for a critical zero-day vulnerability (CVE-2026-20805) in its Windows operating system that is being actively exploited by attackers. The flaw affects all supported versions of Windows.
Japanese automaker Nissan is the latest victim of the Everest ransomware group, which claims to have stolen 900GB of sensitive data. The breach, announced January 10, threatens internal records, dealer info, and possibly customer data —raising serious concerns for its Australian operations.
The Victorian Department of Education has confirmed a major data breach affecting all 1700+ government schools. Hackers accessed the names, emails, and encrypted passwords of current and former students, impacting potentially hundreds of thousands of individuals just weeks before the new school year
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
