Joint NSA-partner guidance and an NHS alert urge urgent hunting and hardening for actively exploited Cisco Catalyst SD-WAN flaws. Dutch telco Odido reports attackers publishing stolen customer data, while ManoMano notifies 38 million users after a third-party breach. Trend Micro patched critical Apex One console RCE. DOJ says scam-center crypto freezes exceeded $580m. EU advanced an undersea cable protection plan.

Australia’s ACSC released Azul, an open-source malware analysis tool, as defenders tracked vishing-driven access at Optimizely and extortion claims hitting Wynn Resorts and Air Côte d’Ivoire. Researchers detailed a GitHub Copilot prompt-injection chain and an NPM supply-chain campaign dubbed Sandworm_Mode. Spain arrested Anonymous Fénix suspects, while U.S. Treasury sanctioned a bulletproof hosting provider. NIST updated CSF guidance; CarGurus disclosed breach.

Ransomware disrupted University of Mississippi Medical Center clinics while Japan’s Advantest investigated a network intrusion. CISA warned BeyondTrust CVE-2026-1731 is exploited in ransomware, and a critical Grandstream VoIP flaw enables root RCE. PayPal reported customer-data exposure from an application error, and an Android AI media editor leaked millions of files, alongside indictments for ATM jackpotting.

Attackers are cutting response windows: Unit 42 cites cases reaching data exfiltration in 72 minutes. Figure Technology Solutions confirmed a breach tied to leaked user records, while Meriden, Connecticut reported ransomware disruption. Mandiant warned of active exploitation of a Dell RecoverPoint for VMs zero-day, and the UK ICO prevailed in the DSG Retail appeal, sharpening expectations for “appropriate security” practice.

China-linked actors exploited a Dell RecoverPoint zero-day for 18 months, while CISA added an actively exploited Chrome flaw to its KEV catalog. Australia’s YouX faced a major data-leak claim, and passport scans from Abu Dhabi Finance Week were exposed via a vendor server. Police arrested a Phobos ransomware suspect in Poland, as the UK launched a business cyber-hygiene campaign nationwide.