Ayar Labs has secured $500 million in a Series E round to scale its co-packaged optics technology. Backed by NVIDIA and AMD, the company is replacing traditional copper interconnects with light-based data transmission to solve the growing power and bandwidth crisis in AI data centres.
Global legal intelligence giant LexisNexis has confirmed a significant cloud data breach after hackers exploited a vulnerable application, exfiltrating 2GB of data. The incident exposed details on enterprise clients, including law firms and government agencies, raising serious supply chain concerns.
Tehran-linked hackers are turning a distant war into a live resilience test for Australia, probing Five Eyes networks as local banks quietly move to high alert while hybrid warfare becomes a “when, not if” cyber disruption scenario.
A critical 9.8‑rated flaw (CVE-2025-40551) in SolarWinds Web Help Desk is under active exploitation, letting unauthenticated attackers execute remote code and prompting urgent patch orders for government and enterprise users worldwide.
Cyber News Centre's cyber update for 6th February 2026: SolarWinds has confirmed active exploitation of a critical vulnerability in its Web Help Desk software, with US authorities ordering federal agencies to patch within three days.
SolarWinds is a major US-based IT management software provider serving more than 300,000 customers worldwide, including government agencies, large corporations, healthcare organizations, and educational institutions across multiple countries including Australia.
Update: A critical remote code execution (RCE) vulnerability, tracked as CVE-2025-40551, is being actively exploited in SolarWinds' Web Help Desk (WHD) software. The flaw, rated 9.8 in severity, is an untrusted data deserialization issue within the AjaxProxy function that allows a remote, unauthenticated attacker to execute operating system commands on an affected server. SolarWinds addressed the vulnerability on January 28 in Web Help Desk version 2026.1. However, evidence of in-the-wild exploitation prompted the US Cybersecurity and Infrastructure Security Agency (CISA) to add the CVE to its Known Exploited Vulnerabilities (KEV) catalog on February 3.
CISA issued an urgent directive requiring US federal agencies to apply the patch by February 6, a significantly shortened three-day deadline that underscores the seriousness of the threat.
The vulnerability was discovered by researchers at Horizon3.ai, who noted it was easily exploitable. This incident marks the third time in recent years that a Web Help Desk vulnerability has been added to the KEV catalog, highlighting the platform as a consistent target for threat actors seeking to compromise enterprise IT environments and gain privileged access to sensitive networks and data.
Why it Matters: The active exploitation of this critical SolarWinds flaw poses a significant and immediate risk to Australian organizations. Government agencies, corporations, and educational institutions using the popular Web Help Desk software are exposed to complete system takeover.
The unusually short three-day patching deadline from CISA serves as a stark warning for security teams globally; this is not a routine vulnerability. The historical targeting of Web Help Desk for high-impact attacks means that any unpatched system is a prime candidate for compromise. A successful attack could lead to widespread data breaches, ransomware deployment, and persistent access for state-sponsored actors or cybercriminals.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
Global legal intelligence giant LexisNexis has confirmed a significant cloud data breach after hackers exploited a vulnerable application, exfiltrating 2GB of data. The incident exposed details on enterprise clients, including law firms and government agencies, raising serious supply chain concerns.
Tehran-linked hackers are turning a distant war into a live resilience test for Australia, probing Five Eyes networks as local banks quietly move to high alert while hybrid warfare becomes a “when, not if” cyber disruption scenario.
Five Eyes nations, led by Australia's ASD, have issued an urgent warning for a critical zero-day (CVE-2026-20127) in Cisco's SD-WAN products. The flaw, actively exploited since 2023 by a sophisticated actor, allows for complete network takeover and impacts critical infrastructure globally.
Canadian transcription firm VIQ Solutions has admitted to a significant data breach after subcontracting work to an Indian firm, e24 Technologies, exposing highly sensitive Australian federal and state court files. The incident, raises major national security concerns
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
