Europe’s Europa platform disclosed a cloud-hosting cyberattack, Puerto Rico suspended licensing services after a government incident, and researchers detailed BPFdoor sleeper cells in telecom networks. The roundup also covers the FBI director’s personal Gmail breach, RedLine malware extradition, an EU vote against extending CSAM scanning rules, and Lloyds’ customer data exposure caused by a banking glitch in the United Kingdom.

From Trivy’s supply-chain compromise and Citrix’s new NetScaler memory leak to Mazda’s Thailand breach, Stryker’s recovery update, and US sentencing tied to ransomware access brokering, this DFM roundup tracks incidents, investigations, enforcement, and policy shifts. It also covers NIST’s CSF 2.0 workforce guide, a DevSecOps draft, and Treasury’s cyber insurance review alongside Crunchyroll and Infinite Campus breach disclosures this week.

Google reported access-to-operator handoffs dropping to 22 seconds, while Trio-Tech disclosed ransomware at its Singapore unit and Oracle shipped an emergency patch for a critical Fusion Middleware flaw. Europol said 373,000 dark web sites were shut down, and U.S. authorities sentenced facilitators tied to North Korean remote-worker infiltration and a separate business email compromise scheme targeting victims across borders globally.

Microsoft Intune hardening guidance followed the Stryker breach, while ConnectWise patched a critical ScreenConnect flaw. Investigators tied Russian operations to a Zimbra breach and iPhone exploitation in Ukraine. Europol’s Operation Alice shuttered 373,000 dark-web sites, CISA flagged active SharePoint exploitation, and NIST issued final guidance on secure DNS deployment and 5G security design.

Intuitive disclosed a phishing-linked breach of internal business applications, CISA added a Wing FTP flaw to its exploited catalog, and investigators traced GlassWorm fallout into compromised GitHub-hosted Python repositories. INTERPOL warned that AI-enhanced financial fraud is scaling globally, while NIST advanced cryptographic validation automation and the UK ICO pressed technology firms to strengthen age checks and protect children’s data better.