Intrix Cyber Security

APAC ransomware pressure: Ransomware and extortion in APAC increasingly exploit third‑party vendors and unpatched access, with data exfiltration in under 72 minutes, stressing vendor control and rapid detection.

Canvas LMS breach impact: A large breach at Canvas LMS hit thousands of Australian education providers, exposing student and staff data and underscoring SaaS platform and third‑party risk.

Australia’s new Cyber Security Act 2024 tightens mandatory incident and AI‑driven event reporting, raising expectations on IR playbooks, governance and board‑level accountability.

Microsoft’s May 2026 Patch Tuesday fixes 118–130+ flaws, including critical SharePoint, DNS, Netlogon and SSO issues, demanding risk-based patch prioritisation for Microsoft-heavy environments.

Australia’s Cyber Security Act introduces smart-device standards, mandatory ransomware reporting, and review mechanisms, making compliance a core part of operational resilience.

Recent Canvas/Instructure breach impacting multiple Australian education providers underscores third-party SaaS risk and the need for data mapping and vendor assurance.

AI-fuelled attacks surge: Fortinet and APAC research show a 389% YoY rise in ransomware victims and 81% of organisations breached via APIs, driven by AI-accelerated exploits—tightening patch windows and spotlighting identity, API security, and continuous monitoring.

New AU ransomware rules: Australia’s Cyber Security Act 2024 now mandates that organisations over AUD $3M report any ransomware payment to ASD within 72 hours, turning ransom choices into regulated board-level compliance events with potential civil penalties.

Education SaaS breach: Global Canvas-Instructure LMS breach hit 9,000 institutions and up to 275M users, including Australian universities, highlighting third-party SaaS and supply-chain risk for education and other SaaS-heavy sectors.

ACSC warns active cPanel exploitation: Public-facing hosting infrastructure under active attack creates patch-urgency decisions for SMBs and service firms, turning routine maintenance into business-continuity response.

Queensland Canvas breach leads: Direct Australian impact across schools and TAFEs showcases third-party risk as a board-level concern, affecting education, healthcare, legal and professional services where vendor data custody defines commercial trust.

Targeted AU ransomware: Recent attacks on Champion Homes and Brand Collective show ransomware groups like DragonForce and The Gentlemen disrupting operations and leaking data, stressing backups, segmentation, and calm response plans.

AI threats to banks: Regulators warn Australian and regional banks that frontier AI could accelerate cyberattacks, pushing CISOs to tighten AI vendor vetting, API security, and shadow AI oversight now.