Qilin ransomware tactics evolve, commercial spyware resurfaces, and municipal services face fresh extortion pressure. A Lanscope zero-day and BIND 9 risks demand swift patching, while Singapore tackles SIM-fraud networks on the ground. New supply-chain ransomware guidance and crypto-finance sanctions signal policy tightening. Plus, standards shifts in ICMPv6 and hashing preview changes coming to defensive stacks.

Qilin ransomware tactics evolve, commercial spyware resurfaces, and municipal services face fresh extortion pressure. A Lanscope zero-day and BIND 9 risks demand swift patching, while Singapore tackles SIM-fraud networks on the ground. New supply-chain ransomware guidance and crypto-finance sanctions signal policy tightening. Plus, standards shifts in ICMPv6 and hashing preview changes coming to defensive stacks.

CISA issues new ICS advisories, Pwn2Own researchers reveal 34 zero-days, and Microsoft warns of AI-driven cyberattacks. Global investigations continue into SharePoint ToolShell exploitation and healthcare data breaches. Law enforcement seizes $14 billion in cryptocurrency, while NIST and ISO release new cybersecurity standards shaping compliance, risk management, and DFIR priorities for enterprises worldwide.

Global DFIR highlights include 34 zero-days chained at Pwn2Own Ireland and active Oracle E-Business Suite exploitation confirmed by CISA. Microsoft detailed Blob Storage attack chains, while Muji and Verisure faced major breaches. UK police secured major online abuse convictions. NIST and the EU advanced supply-chain and cybersecurity certification initiatives, signalling rising compliance expectations.

Envoy Air and Prosper breaches dominate this 48-hour cycle, alongside China’s cyber-espionage allegations against the U.S. and new F5 patches issued after a major breach. GDPR enforcement, sanctions on scam networks, and NCSC’s annual review add regulatory weight. DFIR teams face converging challenges across extortion, compliance, and state-linked threat activity.