A British national known online as “IntelBroker” has been charged by the U.S. for stealing and selling sensitive data from victims worldwide, causing an estimated $25 million in damages. The indictment, revealed today by the U.S. Attorney’s Office for the Southern District of New York, accuses Kai West, a 25-year-old British man, of using the handle
Exploitation of existing Fortinet Vulnerabilities
This alert is relevant to Australian organisations who utilise Fortinet products. This alert is intended to be understood by technical users. Customers are encouraged to update their devices and investigate for potential compromise. Background / What has happened? Fortinet has released information regarding their observation of active exploitation of previously known vulnerabilities affecting Fortinet devices
Army expanding ‘Transformation in Contact’ initiative to Army Guard
Spc. Anton Lane, a combat medic with specialized drone training, assigned to 5-7 Cavalry 3rd Infantry Division, puts away a Skydio X10E4TT drone as part of a Transformation in Contact exercise. (Sgt. Samantha Hill/Army) The Army’s ongoing brigade modernization program is headed to the Guard. Army Chief of Staff Gen. Randy George told members of
SonicWall warns of trojanized NetExtender stealing VPN logins
SonicWall is warning customers that threat actors are distributing a trojanized version of its NetExtender SSL VPN client used to steal VPN credentials. The fake software, which was discovered by SonicWall’s and Microsoft Threat Intelligence (MSTIC) researchers, mimics the legitimate NetExtender v10.3.2.27, the latest available version. The malicious installer file is hosted on a spoofed website
Multiple Vulnerabilities In Ivanti Endpoint Manager Mobile (Ivanti EPMM)
This alert is relevant to large Australian businesses, organisations, and government. This alert contains a combination of simple and moderately complex technical advice, intended for business owners and technical IT support services. Background: ASD’s ACSC is tracking 2 vulnerabilities in Ivanti EPMM: CVE-2025-4427 (Medium severity, Authentication Bypass) and CVE-2025-4428 (High severity, Remote Code Execution). When chained
US Homeland Security warns of escalating Iranian cyberattack risks
The U.S. Department of Homeland Security (DHS) warned over the weekend of escalating cyberattack risks by Iran-backed hacking groups and pro-Iranian hacktivists. This warning was issued as a National Terrorism Advisory System bulletin on Sunday and cautions that the Iranian conflict is causing a “heightened threat environment” in the United States, with “low-level” cyberattacks targeting
Russian GRU targeting Western logistics entities and technology companies
Executive summary: This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies. This includes those involved in the coordination, transport, and delivery of foreign assistance to Ukraine. Since 2022, Western logistics entities and IT companies have faced an elevated risk of targeting by the Russian General Staff
Army promises to deliver analysis on sweeping changes in 10 days
A U.S. Marine with 1st Battalion, 12th Marines, 3d Marine Division fires a joint light tactical vehicle mounted M240B machine gun while conducting a convoy movement during Spartan Fury 22.1. (Staff Sgt. Olivia G. Knapp/U.S. Marine Corps) U.S. Army Secretary Daniel Driscoll promised Congress today the service would show its homework in 10 days on
Saab taps Anduril to build rocket motors for ground-launched bomb
A Boeing-Saab ground-launched small diameter bomb is fired during a test at Andoya Test Center in Norway. (Photo courtesy of Boeing/Saab) Saab has picked emerging solid rocket motor producer Anduril Rocket Motor Systems to design and build solid rocket motors for its Ground-Launched Small Diameter Bomb, according to officials from both companies. The selection of
Malware on Google Play, Apple App Store stole your photos—and crypto
A new mobile crypto-stealing malware called SparkKitty was found in apps on Google Play and the Apple App Store, targeting Android and iOS devices. The malware is a possible evolution of SparkCat, which Kaspersky discovered in January. SparkCat used optical character recognition (OCR) to steal cryptocurrency wallet recovery phrases from images saved on infected devices.