Jaguar Land Rover confirms data compromise as recovery continues — JLR disclosed that certain data were compromised during a cyberattack that disrupted production and retail systems, while containment and restoration activities remain underway (2025-09-11) [UK]. This keeps DFIR teams focused on factory/retail uptime, third-party dependencies, and customer notification workflows. (Source: SC Media, 2025-09-11).

Senator urges FTC investigation into Microsoft after Ascension ransomware — A US senator asked the FTC to examine Microsoft’s role in a 2024 hospital ransomware incident, alleging security negligence (2025-09-11) [US]. Any probe could shape expectations for software liability and hospital cyber risk management. (Source: The Record, 2025-09-11).

JLR breach confirmed following factory disruption — Jaguar Land Rover said the attack that forced system shutdowns also led to a data breach, with UK dealers reporting registration and parts impacts (2025-09-11) [UK/EU]. Automotive supply-chain dependencies and OT/IT links remain key exposure points. (Source: Security Affairs, 2025-09-11).

UK rail operator LNER warns customers after supplier breach — LNER said a third-party incident exposed contact and journey data; operations and ticketing were unaffected (2025-09-11) [UK]. Transport firms should harden vendor access and prep comms for phishing risks post-disclosure. (Source: ITPro, 2025-09-11).

CISA adds actively exploited DELMIA Apriso deserialization bug to KEV — CVE-2025-5086 was added on 2025-09-11 with a 2025-10-02 due date for US federal agencies (2025-09-11) [Global]. Asset owners should prioritize vendor mitigations and track downstream Sitecore/ASP.NET ViewState abuse patterns. (Source: CISA KEV, 2025-09-11).

Europol adds suspected LockerGoga/MegaCortex/Nefilim admin to EU Most Wanted — A Ukrainian national believed tied to 2019 Norsk Hydro and other global attacks was listed on 2025-09-10 (2025-09-10) [EU]. Authorities mapped roles across coders, intruders, and launderers, signaling continued pressure on RaaS ecosystems. (Source: Europol, 2025-09-10).

US offers up to $10M reward as Europe widens hunt — Reporting names Volodymyr Tymoshchuk and links to campaigns across 71 countries, with damages exceeding $18B (2025-09-10) [EU/US]. Public tips and transatlantic coordination remain central to disrupting top-tier operators. (Source: ITPro, 2025-09-10).

EU Data Act applicability begins—cloud switching & interoperability duties — From 2025-09-12, providers face new obligations on termination rights, switching, and portability; impacts span cloud and connected products (2025-09-11) [EU]. CISOs should review contract clauses, egress fees, and data mapping. (Source: Morgan Lewis, 2025-09-11; Cooley, 2025-09-12).

Debate heats up over reauthorizing the US CISA 2015 information-sharing law — With sunset looming on 2025-09-30, legal experts warn losing liability shields could chill threat intel sharing (2025-09-12) [US]. Boards should track outcomes that affect cross-sector sharing programs. (Source: Just Security, 2025-09-12).

EU Cyber Resilience Act: one-year countdown to 2026 compliance — Manufacturers of “products with digital elements” face 2026-09-11 obligations; start SBOMs, vulnerability handling, and conformity assessments now (2025-09-11) [EU]. (Source: Keysight, 2025-09-11).

ISO/IEC 27001:2022 transition deadline approaches in October 2025 — Organizations nearing the end of the migration window should finalize control mappings and recertification plans (2025-08-12) [Global]. (Source: PrivacyPerfect, 2025-08-12).