Monday, May 18 2026

News Centre

Here you can access the latest 48hr Global News Roundups from DFM

We scour the internet to find the latest stories relating to:

DFIR, Cyber Investigations, Major Cyber Incidents, Exploits & Threat Intelligence, Law Enforcement, Policy, Standards & Compliance and Consumer App Data Leaks

We also provide an Editorial Perspective and a Reference List for further reading.

NEWS ROUNDUP – 18th May 2026

18/05/2026

Grafana confirmed a breach after cybercriminal exposure claims, while researchers tracked Telegram-based iPhone unlocking services tied to stolen devices. Investigators also examined active exploitation of a critical NGINX vulnerability, cloned Shai-Hulud malware campaigns and INTERPOL’s Operation Ramz arrests across the MENA region. Policy discussions focused on AI-assisted vulnerability discovery and regulatory expectations surrounding automated cyber risk analysis in financial sectors.

NEWS ROUNDUP – 15th May 2026

15/05/2026

OpenAI rotated certificates after the TanStack npm supply-chain compromise, while Foxconn resumed operations following a ransomware incident claimed by Nitrogen. Cisco warned of active exploitation against critical SD-WAN infrastructure, and investigators examined breaches affecting Canvas and Nvidia GeForce NOW partners UK cyber sector analysis and ENISA CVE authority expansion highlighted dependence on evidence handling, vulnerability governance and investigative capability globally.

NEWS ROUNDUP – 13th May 2026

13/05/2026

Canvas breach negotiations, Foxconn ransomware disruption, malicious RubyGems packages and Microsoft’s May patch cycle dominated the latest Digital Forensics Magazine roundup. Investigators also tracked prolonged compromise exposure at a UK water provider, regulatory findings affecting Dutch healthcare security practices, and FTC guidance following education-sector data theft claims. The reporting highlights pressure on evidence preservation, attribution accuracy and cross-platform investigative coordination.

NEWS ROUNDUP – 11th May 2026

11/05/2026

Investigators examined ShinyHunters activity affecting Canvas education platforms, UK police charged suspects linked to a cryptocurrency fraud scheme, and researchers warned that Dirty Frag Linux vulnerabilities may already be exploited INTERPOL coordinated pharmaceutical marketplace seizures across 90 jurisdictions while US prosecutors secured sentences in a DPRK remote IT worker case Australia’s ACSC also warned of active cPanel and WHM exploitation.

NEWS ROUNDUP – 8th May 2026

08/05/2026

Investigations this cycle examined exposed military training records, a trojanised DAEMON Tools software supply-chain compromise, and exploitation targeting PAN-OS captive portals. Authorities also detailed North Korean remote IT worker fraud operations and database deletion offences, while Queensland schools assessed fallout from stolen student records linked to the QLearn environment. NIST additionally updated guidance covering positioning, navigation and timing cybersecurity risks.

NEWS ROUNDUP – 6th May 2026

06/05/2026

Canvas exposure disclosures, Trellix repository access, Gujarat cyber-fraud arrests and Australian cryptocurrency seizures dominated this 48-hour investigations cycle. U.S. prosecutors secured sentencing against a ransomware negotiator linked to multimillion-dollar extortion operations, while CISA expanded its exploited vulnerability catalog and the UK NCSC warned organisations to prepare for faster AI-driven vulnerability discovery and patching pressures across critical digital environments worldwide systems.

NEWS ROUNDUP – 4th May 2026

04/05/2026

Investigations span exposed property records in Tasmania, stolen Canvas student data, and a breach affecting Asian football organisations. Authorities warn of cyber-enabled cargo theft, while researchers link Shadow-Earth-053 to infrastructure targeting. Active cPanel exploitation and OAuth abuse campaigns expand attack surfaces, as new guidance highlights risks from autonomous AI systems and investigative challenges in evidence attribution.

NEWS ROUNDUP – 1st May 2026

01/05/2026

Europol fraud and Black Axe actions, Signal phishing targeting German officials, Singapore contractor data exposure, Winona County ransomware leaks, Itron and Medtronic network intrusions, active cPanel exploitation, malicious SAP npm packages, UK breach survey findings, and agentic AI security guidance shape this DFM 48-hour roundup for investigators focused on evidence, attribution, audit trails, and cross-platform correlation readiness.

NEWS ROUNDUP – 29th April 2026

29/04/2026

Backdoored WordPress plugin updates created unauthorised access across production sites, while investigators examined coordinated campaigns targeting enterprise messaging infrastructure and exposed administrative tooling. Enforcement activity linked to DDoS-for-hire disruption operations and regulatory developments around AI and crypto governance further illustrated how technical compromise, investigative response, and policy intervention continue to converge across operational security environments.

Advertisements

Magazine Issues

DFM 57 Front Cover - Thumbnail

Issue 57 – Out Now

By admin |
DFM 56 Front Cover - Thumbnail

Back Issue 56

By admin |
DFM 55 Front Cover - Thumbnail

Back Issue 55

By admin |
dfm-54

Back Issue 54

By admin |
dfm-53

Back Issue 53

By admin |
dfm-52

Back Issue 52

By admin |
dfm-51

Back Issue 51

By admin |
dfm-50

Back Issue 50

By admin |
dfm-49

Back Issue 49

By admin |
dfm-48

Back Issue 48

By admin |