Ransomware at ChipSoft disrupted Dutch hospitals, while Signature Healthcare diverted ambulances after a cyberattack. UK authorities linked router hijacking to a Russian military unit, and Northern Ireland schools faced network outages. Treasury launched crypto threat sharing, the NCA froze $12 million in scam proceeds, and NIST advanced AI risk guidance for critical infrastructure operators amid rising supplier and mobile exposure.

This edition tracks a cloud-breach attribution at the European Commission, emergency remediation for actively exploited FortiClient EMS systems, and CISA action on a TrueConf flaw. It also covers a cyberattack on a Massachusetts emergency communications centre, Microsoft’s warning on fast-moving Medusa intrusions, and Cambodia’s new cybercrime law aimed at scams, laundering, recruitment, and illicit data handling.

CISA flagged active exploitation of a Langflow flaw, while researchers warned ShareFile bugs can deliver unauthenticated remote code execution. Mercor confirmed fallout from the LiteLLM supply-chain compromise, Hasbro investigated unauthorized network access, and CERT-EU widened the scope of the Europa platform breach. Policy and standards developments also moved, from China’s digital-human draft rules to ENISA’s digital wallet certification work effort.

Europe’s Commission disclosed data theft from cloud infrastructure, while CISA ordered urgent Citrix patching for active exploitation. U.S. prosecutors charged a suspect over the $50 million Uranium Finance hacks, and researchers linked the axios npm supply-chain compromise to North Korean actors. The roundup also tracks UK scam-centre sanctions, Italy’s Intesa breach fine, and Lloyds’ mobile banking data exposure this week.

F5 BIG-IP exploitation escalated after a flaw was reclassified to critical RCE, while a Fortinet FortiClient EMS bug also came under active attack. The European Commission confirmed a data breach after the Europa web platform incident, and UK sanctions targeted infrastructure tied to Cambodia-based scam operations. NCA’s 2026 assessment also linked cybercrime more closely with wider organised offending patterns overall.