Nominations are now open for the 2026 US Outstanding Security Performance Awards (OSPAs), recognising excellence across the global security profession. Open to individuals, teams, and organisations, the awards highlight innovation, leadership, and measurable achievement across the sector. With national winners progressing to global recognition, the programme offers a valuable opportunity to showcase professional success and industry leadership.

From Trivy’s supply-chain compromise and Citrix’s new NetScaler memory leak to Mazda’s Thailand breach, Stryker’s recovery update, and US sentencing tied to ransomware access brokering, this DFM roundup tracks incidents, investigations, enforcement, and policy shifts. It also covers NIST’s CSF 2.0 workforce guide, a DevSecOps draft, and Treasury’s cyber insurance review alongside Crunchyroll and Infinite Campus breach disclosures this week.

Issue 57 explores court-admissible gait recognition, showing how AI-driven analysis transformed poor CCTV into decisive biometric evidence. Features examine AI-assisted DFIR workflows, modern forensic DNA interpretation, ransomware groups scheduling attacks for maximum disruption, and new hardware-based approaches to restoring forensic chain-of-custody in hyperscale environments, delivering practical insights for investigators and digital forensic professionals worldwide.

Google reported access-to-operator handoffs dropping to 22 seconds, while Trio-Tech disclosed ransomware at its Singapore unit and Oracle shipped an emergency patch for a critical Fusion Middleware flaw. Europol said 373,000 dark web sites were shut down, and U.S. authorities sentenced facilitators tied to North Korean remote-worker infiltration and a separate business email compromise scheme targeting victims across borders globally.

Microsoft Intune hardening guidance followed the Stryker breach, while ConnectWise patched a critical ScreenConnect flaw. Investigators tied Russian operations to a Zimbra breach and iPhone exploitation in Ukraine. Europol’s Operation Alice shuttered 373,000 dark-web sites, CISA flagged active SharePoint exploitation, and NIST issued final guidance on secure DNS deployment and 5G security design.