The past 48 hours saw Oracle customers targeted with extortion emails, Asahi shipments in Japan disrupted by ransomware, and CISA expanding its KEV list. DFIR teams investigated child data leaks and PHI exposures, while Dutch teens faced arrest for Europol spying. Policy updates span U.S. awareness campaigns, FCC reviews, and EU/UK compliance shifts.

The latest 48-hour roundup highlights global cyber risks and responses: CISA’s emergency directive on Cisco ASA, a U.S. government breach exposing FEMA and CBP staff data, and Google’s AI ransomware detection for Drive. Switzerland’s new 24-hour reporting rule sharpens compliance deadlines, while law enforcement in Singapore charged 15 over scam-linked mule networks.

Over the past 48 hours, DFIR teams faced active Cisco zero-day exploitation, evolving macOS XCSSET tactics, and BRICKSTORM espionage. Aviation operations suffered vendor software disruption; Harrods reported a third-party breach. INTERPOL announced 260 arrests targeting sextortion scams, and the NCA detained a UK suspect. CISA issued an emergency directive; NIST published compliance updates. Organisations should prioritise patching and secure-boot verification.

Airports across Europe faced major disruption after a third-party ransomware attack, while Jaguar Land Rover extended shutdowns from a cyber incident. Boyd Gaming also reported employee data theft. CISA flagged active Chrome zero-day exploitation, and SolarWinds issued a third patch for a critical flaw. Regulators tightened GDPR fines guidance, and UK police made an arrest.

In the last 48 hours, global cyber events highlighted vendor risk and operational fragility. European airports and Jaguar Land Rover faced major disruptions from supply-chain compromises, while schools in Texas and US agencies managed ransomware recoveries. Threat actors exploited WatchGuard Firebox flaws and posted new ransomware victims. Policymakers reinforced third-party accountability as investigations deepened.