Davos 2026 revealed an elite world torn between ambition and anxiety as AI promises growth while threatening jobs, power grids and geopolitics. From warnings of mass workforce disruption to energy bottlenecks and strategic rivalry, leaders framed AI as both engine risk shaping decades ahead
The Everest ransomware group has breached ASRock Rack, a major server hardware vendor, stealing 509GB of sensitive data including firmware, BIOS, and other critical files. The breach creates a significant supply chain risk, potentially allowing attackers to embed vulnerabilities in server hardware.
Berlin-based GeneralMind, founded by the team behind German unicorn Razor Group, has secured $12 million in pre-seed funding to develop its AI-driven "System of Action" for automating enterprise workflows. The platform acts as an autopilot for repetitive white-collar tasks across ERPs and email.
Inotiv has confirmed a major data breach after a Qilin ransomware attack exposed the personal, financial and health information of over 9,000 people. The hit on this large US research company highlights rising supply chain risks across the pharmaceutical and healthcare sectors.
Cyber News Centre's cyber update for 9th December 2025: Inotiv, a US-based pharmaceutical contract research organisation, has confirmed it suffered a significant data breach following a ransomware attack in August.
Inotiv is a contract research organisation (CRO) that provides nonclinical and analytical drug discovery and development services. The Indiana-headquartered company supports clients from initial discovery through to the investigational new drug (IND) application stage and beyond, also supplying critical research models.
Update: Indiana-based pharmaceutical research company Inotiv has confirmed that a ransomware attack in August 2025 exposed the sensitive data of 9,542 individuals. The incident, claimed by the Qilin ransomware group, occurred between August 5 and August 8, compromising a wide range of personal, financial, and health information. According to filings with the Maine Attorney General's Office, the stolen data includes names, addresses, Social Security numbers, driver's license numbers, financial account details, and medical and health insurance information.
The breach affected current and former employees, their family members, and other individuals who had interacted with Inotiv or its acquired companies. The Qilin group claimed to have exfiltrated 176 GB of data, including financial records and research contracts. Inotiv, which has over 2,000 employees and reported revenues exceeding $500 million, stated it has restored its systems and is providing 24 months of credit monitoring to affected individuals while continuing to assess the full financial impact.
Why it Matters: This attack on Inotiv highlights the significant and growing threat of supply chain attacks within the pharmaceutical and healthcare sectors. As contract research organisations (CROs) handle vast amounts of proprietary intellectual property and sensitive patient data for multiple clients, they represent a high-value target for ransomware groups like Qilin.
A single breach can have cascading consequences, disrupting drug development timelines and exposing the confidential data of numerous partner organisations. The incident demonstrates that even entities not directly providing patient care are critical infrastructure within the healthcare ecosystem, holding data that is immensely valuable on the dark web and making them prime targets for extortion.
Get the stories that matter to you.
Subscribe to Cyber News Centre and update your preferences to follow our Daily 4min Cyber Update, Innovative AI Startups, The AI Diplomat series, or the main Cyber News Centre newsletter — featuring in-depth analysis on major cyber incidents, tech breakthroughs, global policy, and AI developments.
The Everest ransomware group has breached ASRock Rack, a major server hardware vendor, stealing 509GB of sensitive data including firmware, BIOS, and other critical files. The breach creates a significant supply chain risk, potentially allowing attackers to embed vulnerabilities in server hardware.
A newly disclosed vulnerability in Schneider Electric's Foxboro DCS, a widely used industrial control system, could allow attackers to disrupt critical infrastructure operations. The flaw, originally from Intel, affects energy and manufacturing sectors worldwide, including Australia.
Microsoft has issued an emergency patch for a critical zero-day vulnerability (CVE-2026-20805) in its Windows operating system that is being actively exploited by attackers. The flaw affects all supported versions of Windows.
Japanese automaker Nissan is the latest victim of the Everest ransomware group, which claims to have stolen 900GB of sensitive data. The breach, announced January 10, threatens internal records, dealer info, and possibly customer data —raising serious concerns for its Australian operations.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
