Blitzy has raised $200 million at a $1.4 billion valuation to push fully autonomous enterprise software development. By mapping entire legacy codebases and coordinating thousands of AI agents, it promises faster modernization for heavily regulated, slow-moving industries worldwide.
Sierra’s US$950 million raise and US$15 billion valuation signal the acceleration of enterprise agentic AI. Backed by Tiger Global, GV, Sequoia and Benchmark, the company is moving customer service from call-centre queues to autonomous AI agents executing real workflows at global scale, very fast.
Instructure has confirmed that a criminal threat actor accessed Canvas user information and messages, while ShinyHunters claims a far larger education-sector data haul affecting millions of students, teachers, and institutions worldwide.
A critical 9.8‑rated flaw (CVE-2025-40551) in SolarWinds Web Help Desk is under active exploitation, letting unauthenticated attackers execute remote code and prompting urgent patch orders for government and enterprise users worldwide.
Cyber News Centre's cyber update for 6th February 2026: SolarWinds has confirmed active exploitation of a critical vulnerability in its Web Help Desk software, with US authorities ordering federal agencies to patch within three days.
SolarWinds is a major US-based IT management software provider serving more than 300,000 customers worldwide, including government agencies, large corporations, healthcare organizations, and educational institutions across multiple countries including Australia.
Update: A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-40551, is being actively exploited in SolarWinds' Web Help Desk (WHD) software. The flaw, rated 9.8 in severity, is an untrusted data deserialization issue within the AjaxProxy function that allows a remote, unauthenticated attacker to execute operating system commands on an affected server. SolarWinds addressed the vulnerability on January 28 in Web Help Desk version 2026.1. However, evidence of in-the-wild exploitation prompted the US Cybersecurity and Infrastructure Security Agency (CISA) to add the CVE to its Known Exploited Vulnerabilities (KEV) catalog on February 3.
CISA issued an urgent directive requiring US federal agencies to apply the patch by February 6, a significantly shortened three-day deadline that underscores the seriousness of the threat.
The vulnerability was discovered by researchers at Horizon3.ai, who noted it was easily exploitable. This incident marks the third time in recent years that a Web Help Desk vulnerability has been added to the KEV catalog, highlighting the platform as a consistent target for threat actors seeking to compromise enterprise IT environments and gain privileged access to sensitive networks and data.
Why it Matters: The active exploitation of this critical SolarWinds flaw poses a significant and immediate risk to Australian organizations. Government agencies, corporations, and educational institutions using the popular Web Help Desk software are exposed to complete system takeover.
The unusually short three-day patching deadline from CISA serves as a stark warning for security teams globally; this is not a routine vulnerability. The historical targeting of Web Help Desk for high-impact attacks means that any unpatched system is a prime candidate for compromise. A successful attack could lead to widespread data breaches, ransomware deployment, and persistent access for state-sponsored actors or cybercriminals.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Blitzy has raised $200 million at a $1.4 billion valuation to push fully autonomous enterprise software development. By mapping entire legacy codebases and coordinating thousands of AI agents, it promises faster modernization for heavily regulated, slow-moving industries worldwide.
Sierra’s US$950 million raise and US$15 billion valuation signal the acceleration of enterprise agentic AI. Backed by Tiger Global, GV, Sequoia and Benchmark, the company is moving customer service from call-centre queues to autonomous AI agents executing real workflows at global scale, very fast.
Instructure has confirmed that a criminal threat actor accessed Canvas user information and messages, while ShinyHunters claims a far larger education-sector data haul affecting millions of students, teachers, and institutions worldwide.
Trellix says attackers gained unauthorised access to part of its source code repository, but has found no evidence that its release pipeline was affected or that code was exploited.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
