A global surge in third-party breaches, emergency-service outages, and supply-chain malware defined this 48-hour cycle. OpenAI’s Mixpanel incident, Asahi’s major data leak, and widespread disruptions at London councils and CodeRED highlight escalating systemic risk. New exploits, regulatory actions, and ISO-27001 advances reinforce the need for evidence-ready DFIR processes, developer-pipeline security, and stronger vendor oversight.

The latest 48 hours saw coordinated attacks on London councils, a breach at Harvard, and ransomware disrupting US emergency alerts. Industrial firm Balkrishna Paper Mills and major banking vendor SitusAMC also reported compromises. Active exploitation of a FortiWeb zero-day, a revived npm worm campaign, and a huge Android fiction-app data leak round out a high-impact period.

The past 48 hours saw major activity across DFIR, investigations and global threat intelligence, with ransomware playbooks, supply-chain breaches and identity-system zero-days dominating the landscape. Law-enforcement operations intensified across Asia, while G7 nations advanced cyber-policy coordination. Key updates highlight the growing convergence of identity, vendor ecosystems and human factors as critical security priorities.

A turbulent 48 hours saw fresh SaaS supply-chain breaches, a ransomware hit on an LG battery subsidiary, and renewed scrutiny of backup resilience and offline records. Law enforcement ran large-scale fraud crackdowns across India and arrested a Russian hacking suspect in Thailand, while new UK and US policy moves tightened expectations on incident reporting, sanctions and third-party risk.

The past 48–72 hours saw major updates across global cyber operations, including Cloudflare’s root-cause analysis of its worldwide outage, resurging exploits against Cisco IOS XE and Ivanti EPMM, and active Chrome zero-day attacks. Law enforcement advanced ransomware-laundering investigations, while Japan and the EU issued new cyber-strategy and election-security guidance.