Investigators tracked a FIFA-themed fraud network, examined a law firm’s Microsoft 365 breach, and followed prosecutions tied to stolen government access. Major disclosures affected telecom and travel customers, while researchers documented FortiClient exploitation and The Gentlemen ransomware. Singapore warned about AI agent risks, ENISA assessed NIS2 sector maturity, and Dutch police arrested a suspect linked to the Ajax data breach.

Investigators tracked a China-linked breach at Wiley Rein, Dutch police arrested a suspect tied to AFC Ajax intrusions, and CISA warned of an exploited LiteSpeed plugin zero-day. Reporting also linked Iranian actors to Los Angeles transit network disruption while CERT-In disclosed multiple Trend Micro Apex One vulnerabilities. The roundup examines evidential preservation, attribution confidence, and cross-platform investigative correlation challenges globally.

Taiwan recorded 726 government cyber incidents while Singapore police expanded cross-border scam investigations and SIM-fraud prosecutions. Researchers traced malicious packages across npm, PyPI and Composer ecosystems, and investigators examined a breach affecting IBM’s Italian subsidiary. The roundup also covers GitHub workflow compromises, calendar-phishing evidence collection, and new npm publishing controls intended to strengthen software supply-chain accountability across developer environments globally.

Investigators tracked ShinyHunters-linked franchise data theft affecting 7-Eleven systems while French authorities expanded BreachForums attribution efforts. Telecom espionage activity using the Showboat Linux backdoor targeted Central Asian providers, and Europol dismantled the criminal First VPN service. Microsoft addressed actively exploited Defender vulnerabilities as NIST advanced manufacturing recovery guidance and software supply-chain assurance discussions for public and private sector investigators globally.

Investigators tracked deepfake risks in UK councils, cloud-based exfiltration through Cloudflare endpoints, and alleged cyber-slavery recruitment tied to Cambodian scam compounds. GitHub confirmed repository exposure after a poisoned package compromise, while NIST advanced software provenance guidance and UK authorities expanded financial tracing against livestreamed child exploitation networks. Education-sector breach claims and AI-driven vulnerability research further shaped this reporting cycle globally.