Wednesday, June 10 2026
DFM News Roundup
Digital Forensics Magazine — 48h News Roundup
Window: 2026-06-08 to 2026-06-10 (UTC)

Snapshot Summary

Sector / Section               | Headline Highlights       | Count
Digital Investigations         | Training, device security | 2
Cyber Investigations           | Telecoms, AI targeting    | 2
Major Cyber Incidents          | Messaging breach, scams   | 2
Exploits & Threat Intelligence | Chrome, LiteLLM exploited | 2
Law Enforcement                | Cloud evidence, chats     | 2
Policy & Standards             | Hardening, claims rules   | 2

Digital Investigations

[AMER] The FBI detailed its Kinetic Cyber Range in Huntsville, where investigators train in realistic homes, businesses, vehicles, hospitals, networks, data centres and ransomware scenarios. The training focus matters because it rehearses evidence selection, vehicle data extraction, network access, interviews, collection restraint and operational judgment before comparable digital evidence decisions arise during live investigations. (Source: FBI, 09-06-2026)

[EMEA] Help Net Security reported research showing how secure boot, trusted execution environments and fused cryptographic keys can protect smartphones while making secure reuse and forensic repurposing harder. Investigators should note the evidential implications because device ownership transfer, bootloader changes, key attestation and protected execution zones affect provenance, data integrity and confidence when mobile hardware is examined or redeployed. (Source: Help Net Security, 10-06-2026)

Cyber Investigations

[EMEA] The Record reported that Britain weakened proposed telecoms cybersecurity protections developed after Salt Typhoon concerns, following industry lobbying over cost and practicality. For investigators, the shift affects expected visibility into routing records, supplier activity, access controls and network-hardening evidence when suspected state-linked telecom compromises require cross-provider reconstruction. (Source: The Record, 09-06-2026)

[APAC] SecurityBrief Asia reported CrowdStrike findings that technology companies are now the world’s most targeted industry, with China-linked groups prominent in state-sponsored targeting around AI assets. Investigators should prioritise identity, cloud, SaaS, developer-platform and repository telemetry because the report describes password spraying, AI-assisted personas, supply-chain compromise and efforts to erase forensic evidence. (Source: SecurityBrief Asia, 09-06-2026)

Major Cyber Incidents

[EMEA] Help Net Security reported that French authorities are investigating account hijacking on Tchap, the French government secure messaging platform used by civil servants, ministries and public agencies. Account-takeover investigations should preserve login history, session identifiers, device metadata, room-access records and administrative actions quickly because user remediation and retention limits can obscure the compromise sequence. (Source: Help Net Security, 09-06-2026)

[GLOBAL] Unite.AI reported Bitdefender’s 2026 Global Scam Intelligence findings, warning that online scams now operate across social media, messaging apps, SMS, advertising and calls with business-like budgets. The investigative challenge is cross-platform evidence capture, including impersonation pages, ad accounts, payment rails, victim-contact timelines and reusable infrastructure linking apparently separate fraud campaigns. (Source: Unite.AI, 09-06-2026)

Exploits & Threat Intelligence

[AMER] Help Net Security reported that Google fixed 74 Chrome vulnerabilities, including CVE-2026-11645, a V8 zero-day with exploitation confirmed in the wild. Investigators should preserve browser versions, renderer-process artefacts, crash records, visited HTML, downloads and endpoint timelines promptly because patching and browser restarts may overwrite evidence needed to confirm exploitation. (Source: Help Net Security, 09-06-2026)

[AMER] Help Net Security reported that CISA added BerriAI LiteLLM CVE-2026-42271 to the Known Exploited Vulnerabilities catalog after confirming active exploitation of the command-injection flaw. AI gateway investigations should retain proxy logs, API keys, service-account activity, MCP endpoint traffic, host command history and downstream integration records because exploitation can bridge application abuse and infrastructure execution. (Source: Help Net Security, 09-06-2026)

Law Enforcement

[AMER] The U.S. Department of Justice said Vercel admitted wrongdoing after contempt proceedings over failure to fully preserve and produce content required by an Electronic Communications Privacy Act search warrant. The case highlights how provider tooling, deletion queues, legal-process workflows and preservation timing can directly determine whether lawful cloud evidence is recoverable. (Source: U.S. Department of Justice, 09-06-2026)

[EMEA] Europol said encrypted SKY ECC messages exposed a Kosovo-based organised crime network behind an alleged EUR 80 million criminal empire, with about 40 suspects investigated. The operation shows how communications evidence, identity records, searches, financial tracing and cross-border coordination can connect drug trafficking, forged documents, weapons and money movement into one evidential picture. (Source: Europol, 09-06-2026)

Policy & Standards

[APAC] Australia’s Cyber.gov.au updated Information Security Manual guidance on system hardening, including operating-system selection, software-based isolation and controls for reducing unnecessary functionality. For investigators and assurance teams, hardened baselines shape available logs, administrative surfaces, containment boundaries and evidence quality when compromise must be reconstructed across servers, containers or shared computing environments. (Source: Cyber.gov.au, 09-06-2026)

[EMEA] Insurance Business UK reported that the International Underwriting Association is pushing a shared protocol for cyber business-interruption claims across layered London-market insurance towers. Standardised claim handling matters because outage timelines, causation analysis, restoration logs, preservation records and loss calculations must remain consistent when multiple insurers scrutinise the same technical evidence. (Source: Insurance Business UK, 10-06-2026)

Editorial Perspective

This cycle shows digital investigations increasingly depending on evidence that is short-lived, distributed and shaped by platform design. Browser exploitation, AI gateway compromise, cloud preservation failures, messaging-account hijacking and telecoms policy shifts all place pressure on teams to preserve source-of-truth records before remediation alters the scene. The strongest investigative workflows are those that define collection scope, provenance handling and retention triggers before an incident becomes public.

Investigative readiness also depends on the ability to correlate evidence across physical devices, cloud accounts, managed infrastructure, messaging systems and third-party providers. Training environments, mobile security research and standards updates reinforce the value of repeatable collection decisions and defensible documentation. Attribution capability is strongest where identity, telemetry, access logs, device artefacts and policy records can be joined without losing chain-of-custody clarity.

Tags

Digital Evidence, Cloud Evidence, Mobile Forensics, Chrome Zero-Day, LiteLLM, Salt Typhoon, Telecoms Security, AI Gateways, Scam Investigations, Secure Boot, Business Interruption
