This 48-hour DFM roundup tracks active MongoDB exploitation, service disruption fallout, and cross-border cybercrime enforcement. Key takeaways for DFIR teams include prioritizing patch-and-rotate workflows for memory-leak exposures, preserving volatile artifacts early, and validating rollback and integrity controls in live-service environments. Policy and governance themes underline the operational value of clear authority lines, evidence discipline, and rapid notification during holiday staffing periods.

Digital Forensics Magazine’s 48-hour cybersecurity roundup tracks the most actionable developments across incident response, investigations, major disruptions, and emerging threats worldwide. This edition highlights ransomware and DDoS impacts, a WatchGuard Firebox zero-day under active exploitation, and supply-chain risk from compromised repositories and malicious npm packages. It also covers law-enforcement crackdowns, policy shifts affecting identity verification and privacy, plus new standards guidance for protecting tokens and assertions.

DFM’s latest 48-hour cybersecurity roundup tracks ransomware and DDoS disruptions hitting critical services, plus a platform hijack that underscores integrity risks in high-traffic ecosystems. We also highlight actively exploited perimeter vulnerabilities, supply-chain threats in npm and notarized macOS droppers, and enforcement actions releasing new decryptors. Policy and standards updates round out what responders need now: evidence-ready incident timelines, resilient identity controls, and third-party governance.

DFM’s 48-hour global roundup tracks active exploitation and high-impact breaches, alongside enforcement and policy moves shaping response obligations. Key themes include appliance-level compromise requiring rebuild decisions, KEV-driven patch acceleration, and major consumer data incidents escalating into multi-agency scrutiny. Investigations emphasize the money layer—mule accounts and laundering hubs—while standards and governance pressures continue to tighten auditability, reporting, and defensible security operations across regions.

In the last 48 hours, breaches and recoveries hit healthcare and retail, while investigators disrupted fraud marketplaces and laundering services. Major incidents affected oil logistics and UK government systems. Active exploitation warnings targeted React2Shell and SonicWall SMA, alongside new CISA ICS advisories. Policy and standards moved on UK cyber legislation, EU CRA reporting, and NIST’s Cyber AI profile this week.