Davos 2026 revealed an elite world torn between ambition and anxiety as AI promises growth while threatening jobs, power grids and geopolitics. From warnings of mass workforce disruption to energy bottlenecks and strategic rivalry, leaders framed AI as both engine risk shaping decades ahead
The Everest ransomware group has breached ASRock Rack, a major server hardware vendor, stealing 509GB of sensitive data including firmware, BIOS, and other critical files. The breach creates a significant supply chain risk, potentially allowing attackers to embed vulnerabilities in server hardware.
Berlin-based GeneralMind, founded by the team behind German unicorn Razor Group, has secured $12 million in pre-seed funding to develop its AI-driven "System of Action" for automating enterprise workflows. The platform acts as an autopilot for repetitive white-collar tasks across ERPs and email.
CISA, FBI, and ACSC warn of LockBit 3.0 ransomware exploiting the critical "Citrix Bleed" vulnerability (CVE-2023-4966) in Citrix appliances. Businesses are urged to patch immediately, as attackers can bypass MFA and gain unauthorized access, posing serious cyber risks.
In a crucial cybersecurity collaboration, the Cybersecurity and Infrastructure Security Agency (CISA), FBI, MS-ISAC, and ASD’s ACSC have issued a joint advisory about LockBit 3.0 ransomware exploiting the CVE-2023-4966 vulnerability, known as "Citrix Bleed." This vulnerability affects Citrix NetScaler ADC and Gateway appliances.
The advisory details TTPs and IOCs sourced from the FBI, ACSC, and Boeing. Boeing's experience with LockBit 3.0 exploiting CVE-2023-4966 for unauthorised access highlights the threat's seriousness. LockBit 3.0, known for its diverse attack methods, targets multiple critical infrastructure sectors. "Citrix Bleed" allows attackers to bypass passwords and MFA, facilitating unauthorised access and data compromise.
CISA and partnering organisations stress the urgency of applying the recommended mitigations, including isolating affected appliances and updating software via the Citrix Knowledge Center. The vulnerability, which enables hijacking legitimate user sessions, was identified in early 2023 and publicly disclosed by Citrix in October 2023. Due to its severity, CISA added it to the KEVs Catalog, emphasising its critical impact on various software versions.
This advisory's release is a significant wake-up call for businesses globally. It underscores the escalating sophistication of cyber threats, particularly ransomware like LockBit 3.0, which now exploit critical vulnerabilities to gain extensive access to corporate networks. The ability to bypass MFA, a cornerstone of modern cybersecurity defences, represents a new level of threat that requires immediate and proactive response. Businesses, especially those in critical infrastructure sectors, must prioritise patching vulnerabilities like CVE-2023-4966 and adopt a layered security approach. This incident highlights the ongoing arms race in cybersecurity, where businesses must constantly evolve their defences in response to increasingly advanced cyber threats.
ASIO’s $12.5 billion espionage warning is more than a tally of stolen secrets. It reveals a national digital crisis. With 24 major spy operations disrupted and identity systems exposed, Australia’s critical infrastructure and social services face a growing risk of collapse from unseen cyber threats.
Asia-Pacific faces escalating cyber threats: Qantas breach exposes 6M records, ransomware surges 57%, Japan doubles cybersecurity workforce by 2030. Singapore implements anti-scam laws, Indonesia establishes AI task force. Aviation sector under coordinated attack by Scattered Spider group.
Qantas has confirmed a cyberattack exposing data from six million customers. Cybersecurity experts link the breach to the Scattered Spider group, known for targeting critical infrastructure. The incident highlights rising threats across the global aviation sector.
Asia-Pacific faced over one-third of all cyberattacks in 2024, making it the world’s top target. From manufacturing breaches to talent shortages and rising ransomware, CNC investigates how a region of digital ambition became cybercrime’s global epicentre.
Where cybersecurity meets innovation, the CNC team delivers AI and tech breakthroughs for our digital future. We analyze incidents, data, and insights to keep you informed, secure, and ahead. Sign up for free!
