

The Poisoned Skill Library: Why the AI Supply Chain Just Became Australia's Newest Attack Surface
Acronis researchers identified 575 malicious skills across the OpenClaw ecosystem. Snyk found roughly one in five agent skills is outright malicious. The AI distribution layer has become a primary supply chain attack surface, and Australian regulated industries have direct CPS 230 and CPS 234 exposure.

ValiDATA AI
2 days ago · 6 min read


The Ten-Hour Exploit Window: Why Agentic AI Just Rewrote Australia's Security Playbook
Frontier LLMs have collapsed the bug-to-exploit window from five months to ten hours, and agents have become a brand new attack surface. Here is what Australian regulated businesses need to do this quarter, and how it maps to the Essential Eight, CPS 234 and the Privacy Act reforms.

ValiDATA AI
May 4 · 6 min read


Understanding CPS 230: Your Guide to AI and Automation Compliance
CPS 230 is reshaping how businesses approach AI and automation in regulated sectors. This article explains what the APRA standard means for operational resilience, governance, and third-party oversight — and how organisations can use it as a springboard for innovation rather than a hurdle.

ValiDATA AI
Aug 23, 2025 · 4 min read


Why Light-Touch Governance Is the Future of AI Oversight
Light-touch governance is emerging as the future of AI oversight, helping businesses balance innovation with compliance. By aligning with CPS 230 and ISO 42001, organisations can adopt AI responsibly while avoiding unnecessary bureaucracy. This article explains what light-touch governance is, why it matters, and how businesses can implement it to reduce risk, accelerate adoption, and build trust.

ValiDATA AI
Aug 23, 2025 · 4 min read


EU AI Act: 30‑Minute Brief for Exporters
The EU AI Act applies to more Australian exporters than you might think. If your business uses AI and touches the EU market, you need to comply with new risk-tiered regulations. This article breaks down what to do, what to document, and how to stay compliant without stress.

ValiDATA AI
Jul 6, 2025 · 5 min read


ISO 42001 vs ISO 27001: Where They Overlap
ISO 42001 is the new global standard for AI governance—but how does it compare to the well-established ISO 27001 for information security? In this guide, we explore the key similarities, differences, and how your business can streamline compliance by aligning both standards. Whether you're in finance, healthcare, or logistics, this is essential reading for staying ahead of risk and regulation in the AI era.

ValiDATA AI
Jul 6, 2025 · 6 min read
