Wednesday, April 8 2026

News Centre

Here you can access the latest 48hr Global News Roundups from DFM.

We scour the internet to find the latest stories relating to:

DFIR, Cyber Investigations, Major Cyber Incidents, Exploits & Threat Intelligence, Law Enforcement, Policy, Standards & Compliance and Consumer App Data Leaks

We also provide an Editorial Perspective and a Reference List for further reading.

NEWS ROUNDUP – 8th April 2026

08/04/2026

CISA, FBI and NSA warned that Iranian-linked actors are targeting internet-connected PLCs in U.S. critical infrastructure, while a Massachusetts hospital diverted ambulances after a cyberattack. Investigators tracked cloud data theft to abused authentication tokens after a SaaS integrator breach. The DOJ disrupted a GRU-linked DNS hijacking botnet, and NIST advanced an AI risk profile for critical infrastructure operators.

NEWS ROUNDUP – 7th April 2026

06/04/2026

This edition tracks a cloud-breach attribution at the European Commission, emergency remediation for actively exploited FortiClient EMS systems, and CISA action on a TrueConf flaw. It also covers a cyberattack on a Massachusetts emergency communications centre, Microsoft’s warning on fast-moving Medusa intrusions, and Cambodia’s new cybercrime law aimed at scams, laundering, recruitment, and illicit data handling.

NEWS ROUNDUP – 3rd April 2026

03/04/2026

CISA flagged active exploitation of a Langflow flaw, while researchers warned ShareFile bugs can deliver unauthenticated remote code execution. Mercor confirmed fallout from the LiteLLM supply-chain compromise, Hasbro investigated unauthorized network access, and CERT-EU widened the scope of the Europa platform breach. Policy and standards developments also moved, from China’s digital-human draft rules to ENISA’s digital wallet certification work.

NEWS ROUNDUP – 1st April 2026

01/04/2026

Europe’s Commission disclosed data theft from cloud infrastructure, while CISA ordered urgent Citrix patching for active exploitation. U.S. prosecutors charged a suspect over the $50 million Uranium Finance hacks, and researchers linked the axios npm supply-chain compromise to North Korean actors. The roundup also tracks UK scam-centre sanctions, Italy’s Intesa breach fine, and Lloyds’ mobile banking data exposure this week.

NEWS ROUNDUP – 30th March 2026

30/03/2026

F5 BIG-IP exploitation escalated after a flaw was reclassified to critical RCE, while a Fortinet FortiClient EMS bug also came under active attack. The European Commission confirmed a data breach after the Europa web platform incident, and UK sanctions targeted infrastructure tied to Cambodia-based scam operations. NCA’s 2026 assessment also linked cybercrime more closely with wider organised offending patterns.

NEWS ROUNDUP – 28th March 2026

28/03/2026

Europe’s Europa platform disclosed a cloud-hosting cyberattack, Puerto Rico suspended licensing services after a government incident, and researchers detailed BPFdoor sleeper cells in telecom networks. The roundup also covers the FBI director’s personal Gmail breach, RedLine malware extradition, an EU vote against extending CSAM scanning rules, and Lloyds’ customer data exposure caused by a banking glitch in the United Kingdom.

NEWS ROUNDUP – 25th March 2026

25/03/2026

From Trivy’s supply-chain compromise and Citrix’s new NetScaler memory leak to Mazda’s Thailand breach, Stryker’s recovery update, and US sentencing tied to ransomware access brokering, this DFM roundup tracks incidents, investigations, enforcement, and policy shifts. It also covers NIST’s CSF 2.0 workforce guide, a DevSecOps draft, and Treasury’s cyber insurance review alongside Crunchyroll and Infinite Campus breach disclosures this week.

NEWS ROUNDUP – 23rd March 2026

23/03/2026

Google reported access-to-operator handoffs dropping to 22 seconds, while Trio-Tech disclosed ransomware at its Singapore unit and Oracle shipped an emergency patch for a critical Fusion Middleware flaw. Europol said 373,000 dark web sites were shut down, and U.S. authorities sentenced facilitators tied to North Korean remote-worker infiltration and a separate business email compromise scheme targeting victims across borders.

NEWS ROUNDUP – 20th March 2026

20/03/2026

Microsoft Intune hardening guidance followed the Stryker breach, while ConnectWise patched a critical ScreenConnect flaw. Investigators tied Russian operations to a Zimbra breach and iPhone exploitation in Ukraine. Europol’s Operation Alice shuttered 373,000 dark-web sites, CISA flagged active SharePoint exploitation, and NIST issued final guidance on secure DNS deployment and 5G security design.