Australia’s A$25bn AI wager, Bezos’s leap into “physical AI” and Musk’s push to shift data centres into orbit turned this week into a defining moment in the AI global industrial contest, with the Global South emerging as both proving ground and prize in the new AI steel age.
Vercel confirms a security incident after a compromised third-party AI tool's OAuth token allowed attackers to pivot into internal systems, exposing environment variables and API keys across its platform.
Anthropic is scrambling to contain fresh questions over its Mythos AI after online users reportedly accessed the ultra‑powerful model through previously mapped pathways, sharpening Pentagon supply chain concerns and spooking markets already on edge about AI‑driven cyber risk
A significant cyberattack on real estate finance vendor SitusAMC has compromised corporate and customer data, impacting major US banks including JPMorgan Chase, Citi, and Morgan Stanley. The FBI is now investigating the breach, which affects the sensitive data of residential mortgage holders.
Cyber News Centre's cyber update for 24th November 2025: SitusAMC, a critical technology vendor for the real estate finance industry, has confirmed a significant data breach that has prompted an FBI investigation and sent major US banks scrambling to assess the impact on their customers.
SitusAMC is a leading provider of technology and services for the commercial and residential real estate finance industry. The company is trusted by hundreds of lenders and investors, including top-tier banks, to support the entire lifecycle of their real estate activities, from origination and valuation to servicing and asset management.
Update: SitusAMC confirmed on November 22 that it detected a cyberattack on November 12, which resulted in the compromise of corporate and client data. The company stated that accounting records, legal agreements, and data related to its clients' customers, specifically residential loan mortgages, were impacted. While the full extent is still under investigation, the breach did not involve ransomware. In a statement, SitusAMC CEO Michael Franco confirmed the incident is contained and that the company notified federal law enforcement. The FBI is now actively investigating the matter as major financial institutions, including JPMorgan Chase, Citi, and Morgan Stanley, work to determine the scope of exposure for their customers. The breach highlights the significant downstream risk posed by third-party vendors that are deeply integrated into the financial system, processing vast amounts of sensitive personal and financial information for the nation's largest banks.
Why it Matters: This incident is a stark reminder of the systemic risk embedded in the global financial supply chain. A single breach at a critical, but lesser-known, vendor can have cascading consequences for the world's largest banks and their millions of customers. The exposure of residential mortgage data creates a significant threat of targeted fraud, identity theft, and sophisticated phishing campaigns against homeowners. For Australia, whose financial and real estate markets are deeply intertwined with the US system, this event serves as a critical alert. It demonstrates how a compromise in a US-based vendor can create ripple effects, potentially impacting Australian homeowners and financial institutions.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Vercel confirms a security incident after a compromised third-party AI tool's OAuth token allowed attackers to pivot into internal systems, exposing environment variables and API keys across its platform.
According to Microsoft’s April 2026 Security Update Guide, the company fixed more than 160 vulnerabilities across Windows, Office and core services, including an actively exploited SharePoint zero‑day and a Defender privilege‑escalation flaw.
The largest DeFi exploit of 2026 has seen $293 million drained from Kelp DAO's LayerZero cross-chain bridge, triggering a $5.4 billion withdrawal panic across the broader ecosystem and exposing critical centralization flaws in modular security.
ShinyHunters has exposed a critical weakness in cloud systems. The McGraw Hill breach shows how misconfigured Salesforce portals enabled large scale data leaks, with no software flaw to fix. This marks a shift toward exploiting common operational gaps rather than rare vulnerabilities.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
