NVIDIA launches the Isaac GR00T open humanoid robot platform and positions DRIVE Hyperion as the global robotaxi standard, signalling the decisive shift from digital AI to physical intelligence.
Anthropic’s confidential S-1 filing asks public markets to judge whether frontier AI can turn strategic heat into durable economics.
DeepSeek is in talks to raise $10B at a $45B valuation — the largest first-time fundraise by a Chinese tech startup. Founder Liang Wenfeng is focused on AGI, not short-term profit, as sovereign backers rush to fund China's open-source AI champion.
Global legal intelligence giant LexisNexis has confirmed a significant cloud data breach after hackers exploited a vulnerable application, exfiltrating 2GB of data. The incident exposed details on enterprise clients, including law firms and government agencies, raising serious supply chain concerns.
Cyber News Centre's cyber update for 4th March 2026: LexisNexis has confirmed a significant data breach after a threat actor compromised its cloud infrastructure and leaked sensitive data belonging to its enterprise customers, including law firms and government agencies.
LexisNexis Legal & Professional, a division of the global information and analytics group RELX, provides essential research and data services to legal, corporate, and government sectors worldwide. The company is a critical information supplier for many Australian law firms, courts, and federal agencies, making this breach a significant supply chain security event.
Update: Yesterday, LexisNexis confirmed that a threat actor operating under the alias FulcrumSec had successfully breached its AWS cloud environment on February 24. The attackers exploited a known vulnerability, dubbed React2Shell, in an unpatched React front-end application. This initial access was escalated due to severe security misconfigurations, including an overly permissive IAM role and a hardcoded, weak database password ("Lexis1234").
The breach resulted in the exfiltration of 2.04 GB of data, which was subsequently leaked on underground forums. The compromised data includes details on over 21,000 enterprise customer accounts, nearly 400,000 user profiles with contact information, and a complete map of the company's VPC infrastructure. While LexisNexis stated the data was mostly legacy information from before 2020 and did not contain sensitive personal identifiers like Social Security numbers, the leak does include information on government clients, including U.S. federal judges and Department of Justice attorneys.
The company has since contained the intrusion, notified law enforcement, and engaged an external forensics firm. This marks the second major security incident for a RELX-owned entity in less than a year, raising serious questions about its overall security posture.
Why it Matters: This breach is not just another corporate data leak; it is a direct hit on the trusted information backbone of the legal and government sectors in Australia and globally. For Australian law firms and government agencies that rely on LexisNexis, the incident exposes them to potential targeted phishing campaigns and reveals sensitive details about their technology procurement and usage. The exposure of government employee contact information, even if legacy, provides ammunition for foreign intelligence services.
The fundamental failure in cloud security hygiene, specifically the combination of an unpatched vulnerability and catastrophic IAM permission settings, demonstrates a systemic weakness at a critical supply chain vendor. This forces every client to question the security assurances of their key data suppliers and underscores the urgent need for robust, independent verification of third-party security controls, as a supplier's failure can become a client's crisis.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Liquid Instruments has raised $70 million to scale its AI driven Moku platform globally, backing Australia’s deep tech ambitions while helping engineers in defence, space, semiconductors and quantum computing replace rigid hardware with adaptable software defined tools.
CISA has added an actively exploited LiteSpeed cPanel Plugin flaw to its KEV catalogue, with hosting providers urged to patch or remove the vulnerable user-end plugin.
CISA’s latest KEV update mixes new Microsoft Defender flaws with legacy Windows and Adobe bugs, showing why exploited risk often sits in forgotten systems.
Microsoft has confirmed active exploitation of CVE-2026-42897, putting exposed on-prem Exchange and Outlook Web Access environments back under pressure.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
