Grafana confirmed a breach after cybercriminal exposure claims, while researchers tracked Telegram-based iPhone unlocking services tied to stolen devices. Investigators also examined active exploitation of a critical NGINX vulnerability, cloned Shai-Hulud malware campaigns and INTERPOL’s Operation Ramz arrests across the MENA region. Policy discussions focused on AI-assisted vulnerability discovery and regulatory expectations surrounding automated cyber risk analysis in financial sectors.

OpenAI rotated certificates after the TanStack npm supply-chain compromise, while Foxconn resumed operations following a ransomware incident claimed by Nitrogen. Cisco warned of active exploitation against critical SD-WAN infrastructure, and investigators examined breaches affecting Canvas and Nvidia GeForce NOW partners UK cyber sector analysis and ENISA CVE authority expansion highlighted dependence on evidence handling, vulnerability governance and investigative capability globally.

Canvas breach negotiations, Foxconn ransomware disruption, malicious RubyGems packages and Microsoft’s May patch cycle dominated the latest Digital Forensics Magazine roundup. Investigators also tracked prolonged compromise exposure at a UK water provider, regulatory findings affecting Dutch healthcare security practices, and FTC guidance following education-sector data theft claims. The reporting highlights pressure on evidence preservation, attribution accuracy and cross-platform investigative coordination.

Investigators examined ShinyHunters activity affecting Canvas education platforms, UK police charged suspects linked to a cryptocurrency fraud scheme, and researchers warned that Dirty Frag Linux vulnerabilities may already be exploited INTERPOL coordinated pharmaceutical marketplace seizures across 90 jurisdictions while US prosecutors secured sentences in a DPRK remote IT worker case Australia’s ACSC also warned of active cPanel and WHM exploitation.

Investigations this cycle examined exposed military training records, a trojanised DAEMON Tools software supply-chain compromise, and exploitation targeting PAN-OS captive portals. Authorities also detailed North Korean remote IT worker fraud operations and database deletion offences, while Queensland schools assessed fallout from stolen student records linked to the QLearn environment. NIST additionally updated guidance covering positioning, navigation and timing cybersecurity risks.