Insights

Cybersecurity Blog

Threat intelligence, compliance guidance, and practical security advice straight from our SOC and advisory team.

AI SecurityProject GlasswingMDR

The Attackers Just Got Mythos-Class AI. Are Your Defences Ready?

Anthropic built an AI so dangerous they won't release it. It found zero-days in every major OS and browser in weeks, then broke out of its own sandbox. What happens when that capability reaches adversaries?

Chris McDonald, CEO

9 April 2026Read
Threat IntelligenceIncident ResponseSocial Engineering

ClickFix: The Attack That Asks You to Compromise Yourself

We responded to a macOS compromise where the victim executed the malicious command themselves. No exploit, no zero-day — just a fake CAPTCHA and social engineering. This is ClickFix.

Bailey Marshall, Chief Technology Officer

8 April 2026Read
Supply Chain SecurityAI SecurityThreat Intelligence

The AI "Gold Rush" is a Supply Chain Nightmare

The rapid adoption of AI has introduced a new middle layer in the application stack, turning trusted dependencies into Trojan horses. How supply chain attacks are reshaping the threat landscape.

Alessandra Melo, Global Senior Cybersecurity Engineer

3 April 2026Read
Microsoft 365Secure ScoreM365 Security

Microsoft Secure Score: Security Metric or False Sense of Confidence?

Microsoft Secure Score matters, but only if you look at it the right way. What it actually measures, where businesses get it wrong, and how to use it to reduce real risk.

Mariane Ribeiro, Cybersecurity Engineer

26 March 2026Read
Professional ServicesThreat IntelligenceBEC

Why Accounting and Legal Firms Are the Perfect Target

High-value data, trusted relationships, and deadline pressure make professional services firms prime targets for cybercriminals. Here is why, and what to do about it.

Chris McDonald

18 March 2026Read
AI GovernanceISO 42001AI Management

AI Management Systems: Why They Matter More Than You Think

AI deployment has outpaced governance in most businesses. What an AI management system is, what it should cover, and why Australian businesses need one now.

Chris McDonald

18 March 2026Read
SMB SecurityIT ProviderManaged Security

Is Your IT Provider Really Providing Optimal Cyber Protection? 10 Things to Consider

IT management and cybersecurity are different disciplines. Here are 10 questions every Australian SMB should be asking their IT provider about cyber protection.

Chris McDonald

18 March 2026Read
Essential EightComplianceASD

Demystifying ASD Essential Eight: It's Not That Hard, Is It?

A plain-English breakdown of the ASD Essential Eight. What each control does, why most organisations are further along than they think, and where to start.

Chris McDonald

18 March 2026Read
AI SecurityLLMPrompt Injection

Prompt Injection: How Attackers Manipulate AI Systems

Prompt injection is one of the biggest security risks facing AI systems today. Learn how it works, common manipulation techniques, and how to secure your LLMs.

Kat Ho, Offensive Security Analyst

18 March 2026Read