DFM’s 48-hour global roundup tracks active exploitation and high-impact breaches, alongside enforcement and policy moves shaping response obligations. Key themes include appliance-level compromise requiring rebuild decisions, KEV-driven patch acceleration, and major consumer data incidents escalating into multi-agency scrutiny. Investigations emphasize the money layer—mule accounts and laundering hubs—while standards and governance pressures continue to tighten auditability, reporting, and defensible security operations across regions.

In the last 48 hours, breaches and recoveries hit healthcare and retail, while investigators disrupted fraud marketplaces and laundering services. Major incidents affected oil logistics and UK government systems. Active exploitation warnings targeted React2Shell and SonicWall SMA, alongside new CISA ICS advisories. Policy and standards moved on UK cyber legislation, EU CRA reporting, and NIST’s Cyber AI profile this week.

DFM’s latest 48-hour roundup covers ransomware recovery updates, major platform breaches, and active exploitation alerts, alongside fraud investigations and law enforcement crackdowns. Policy signals include UK resilience legislation progress and rising phishing of public officials, while NIST advances AI-era security profiles. The edition also tracks consumer app exposure risks and third-party telemetry weaknesses shaping incident response.

In the past 48 hours, responders tracked macOS infostealer lures and a ransomware decryptor weakness, while regulators opened probes into UK mobile outages and Seoul investigators intensified action over Coupang. Major breach disclosures include 700Credit impacts, alongside React2Shell/KEV patch pressure. Enforcement operations targeted SIM and laundering networks. Consumer risks rose from exposed AI imagery, fiction-app records leaks, and fake apps.

This 48-hour DFM roundup tracks global cyber risk across DFIR, investigations, major incidents, exploitation and governance. Highlights include government email compromise, large-scale consumer breach fallout, OT and Windows patch triage, and enforcement actions disrupting hostile infrastructure. The meta theme is evidence readiness: deception telemetry, standardized baselines, supplier controls and rapid remediation are now inseparable from incident response and regulatory defensibility for teams.