Stryker is rebuilding after a cyberattack that wiped about 80,000 devices via a compromised Intune admin account, with up to 50TB of data reportedly exfiltrated. As US systems face similar probes, Australia is exposed, increasing pressure on boards to tighten cyber controls and readiness.
Amsterdam-based Wonderful has raised $150M in a Series B round led by Insight Partners, valuing the enterprise AI agent platform at $2B. The funding will scale its hyper-local deployment model, which embeds teams with clients to accelerate AI adoption in complex industries across 30+ countries.
Google has issued an emergency patch for a high-severity zero-day (CVE-2026-3910) in its V8 JavaScript engine, which is being actively exploited in the wild. The flaw allows arbitrary code execution, posing a significant risk to billions of Chrome users globally, including in Australia.
Ivanti has confirmed actively exploited, pre‑authentication remote code‑execution flaws in its Endpoint Manager Mobile platform, allowing attackers to hijack internet‑facing MDM servers, push malicious device profiles, and exfiltrate sensitive mobile data at enterprise scale
Cyber News Centre's cyber update for 2nd February 2026: Ivanti has disclosed two critical zero-day vulnerabilities in its Endpoint Manager Mobile (EPMM) software, which are under active attack.
Ivanti is a US-based IT software company that provides solutions for IT security, service management, and unified endpoint management. Its EPMM platform is a mobile device management (MDM) solution used by enterprises worldwide to secure and manage corporate and user-owned mobile devices.
Update: Ivanti has released emergency patches for two critical zero-day vulnerabilities, CVE-2026-1281 and CVE-2026-1340, affecting its Endpoint Manager Mobile (EPMM) software. Both flaws are code injection vulnerabilities that allow unauthenticated attackers to execute arbitrary code remotely. With a CVSS score of 9.8, the vulnerabilities pose a significant threat to organisations that use EPMM to manage their mobile device fleets.
The company has confirmed that a "very limited number" of customers have been exploited. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added CVE-2026-1281 to its Known Exploited Vulnerabilities (KEV) catalog, mandating that U.S. federal agencies patch the flaw by February 1, 2026.
The flaws stem from Ivanti’s In‑House Application Distribution and Android File Transfer Configuration features, where crafted requests can unlock a rich seam of sensitive data; from admin and user credentials to phone numbers, IP addresses and unique device identifiers across the managed fleet.
Once in, attackers are not just reading data but effectively inheriting the keys to the MDM kingdom, with the ability to push configuration changes that can weaken protections or seed malicious profiles across thousands of devices in one hit.
Ivanti has rushed out temporary RPM scripts as a stop‑gap and says a full fix will land in version 12.8.0.0 later in Q1 2026, but the episode adds to a growing rap sheet: as CNC reported in 2024, the same vendor has already weathered major bugs in its Connect Secure and Policy Secure gateways, keeping the spotlight firmly on its hardening story.
Why it Matters: The exploitation of these zero-day vulnerabilities in Ivanti's EPMM software places thousands of organisations globally at immediate risk. As a widely used mobile device management (MDM) platform, EPMM is a gateway to sensitive corporate data and a critical component of enterprise security.
A compromise of the EPMM appliance could lead to widespread data breaches, lateral movement across corporate networks, and the deployment of malware on thousands of mobile devices. The fact that these vulnerabilities are being actively exploited in the wild elevates the threat level, requiring immediate action from all EPMM customers. The short patching deadline set by CISA underscores the severity of the situation.
This incident highlights the inherent risks in the software supply chain and the critical need for robust vulnerability management programs. The potential for attackers to gain access to both corporate and personal data on mobile devices makes this a significant threat to business operations and individual privacy.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Stryker is rebuilding after a cyberattack that wiped about 80,000 devices via a compromised Intune admin account, with up to 50TB of data reportedly exfiltrated. As US systems face similar probes, Australia is exposed, increasing pressure on boards to tighten cyber controls and readiness.
Google has issued an emergency patch for a high-severity zero-day (CVE-2026-3910) in its V8 JavaScript engine, which is being actively exploited in the wild. The flaw allows arbitrary code execution, posing a significant risk to billions of Chrome users globally, including in Australia.
Singtel executives fronted a Senate inquiry, categorically denying explosive allegations that a secret ransom was paid to hackers following the massive 2022 Optus data breach that exposed personal information of 9.8 million Australians, amid ongoing inquiry into the telco's operational failures.
Joint advisory by Australian, New Zealand, and Tongan cyber authorities warns of rising INC Ransom attacks on critical infrastructure. The RaaS group has breached 11 Australian organisations, mainly in healthcare and professional services.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
