
Snapshot Summary

| Sector / Section | Headline Highlights | Count |
|---|---|---|
| Digital Investigations | Health data, travel IDs | 2 |
| Cyber Investigations | Phishing tools, SMS blasters | 2 |
| Major Cyber Incidents | France records, hospital review | 2 |
| Exploits & Threat Intelligence | Covert networks, LogScale flaw | 2 |
| Law Enforcement | Scam centres, BlackCat plea | 2 |
| Policy & Standards | Japan taskforce, passkeys guidance | 2 |

Digital Investigations
UK Biobank health data appeared for sale in China — UK ministers confirmed in London that anonymised health data from around 500,000 UK Biobank participants appeared for sale on an Alibaba-linked Chinese website [EMEA]. The exposed fields reportedly excluded direct identifiers but included demographic, lifestyle and biological measures, making provenance checks, access-control auditing and dataset handling records central to the continuing investigation (Source: Pulse Today, 23-04-2026).
Interrail travellers warned after Eurail data posted online — Eurail customers across Europe were warned after passport numbers, names, contact details and dates of birth from more than 300,000 travellers were posted on the dark web [EMEA]. The case turns on copied datasets, Telegram sample publication and customer notification evidence, with passport replacement decisions now creating practical identity-risk and evidential-traceability issues for affected travellers (Source: The Guardian, 23-04-2026).
Cyber Investigations
Indonesian police disrupt phishing tools marketplace — Indonesia’s National Police Cyber Crime Directorate said investigators in Jakarta arrested two suspects linked to an international market for phishing scripts and illegal-access tools [APAC]. Investigators traced a suspected wellstore site to Telegram bot communications, identified 2,440 buyers and 34,000 victims, and seized assets worth IDR 4.5 billion during the case (Source: Indonesian National Police, 23-04-2026).
Toronto police seize mobile SMS blasters — Toronto police said three men from Markham and Hamilton were arrested after mobile SMS blasters that mimic cell towers were identified in a Canadian cybercrime investigation [AMER]. The devices allegedly pushed fraudulent texts with credential-theft links to nearby phones, and the investigation began after a cybersecurity partner alerted police to a downtown Toronto unit in November 2025 (Source: Toronto Police Service, 23-04-2026).
Major Cyber Incidents
France Titres confirms portal data breach — France Titres confirmed that data from private and professional accounts on the ANTS portal may have been disclosed after a security incident affecting France’s official credential services [EMEA]. A threat actor claimed 19 million records, while the agency said portal control was not lost and that law enforcement and cybersecurity specialists were investigating phishing and identity-fraud exposure (Source: TechRadar, 22-04-2026).
UMMC continues forensic review after cyberattack — The University of Mississippi Medical Center said in Mississippi that forensic analysis was continuing after a February cyberattack disrupted appointments and elective surgeries for nine days [AMER]. The hospital is working with the FBI and cybersecurity experts to determine whether data was accessed or exfiltrated, while Medusa’s later claim keeps attribution and patient-data exposure unresolved (Source: News From The States, 23-04-2026).
Exploits & Threat Intelligence
Australia publishes China-nexus covert network advisory — Australia’s cyber authority published an advisory on China-nexus actors using covert networks of compromised devices to support targeting of organisations, critical infrastructure and government [APAC]. The advisory places investigative weight on infrastructure abuse, compromised edge devices and cross-jurisdiction telemetry, giving defenders indicators for correlating network artefacts with broader state-linked activity (Source: Cyber.gov.au, 24-04-2026).
CrowdStrike patches critical LogScale path traversal flaw — CrowdStrike published fixes for CVE-2026-40050, a critical unauthenticated path traversal vulnerability affecting specific self-hosted LogScale versions [AMER]. The flaw could allow remote file reads through an exposed cluster API endpoint, with CrowdStrike reporting SaaS-layer mitigations, no observed exploitation and a requirement for self-hosted customers to upgrade to patched builds (Source: CrowdStrike, 24-04-2026).
Law Enforcement
US announces action against Southeast Asian scam centres — The US Justice Department announced charges against two Chinese nationals and actions against Southeast Asian scam-centre operations accused of defrauding Americans through cryptocurrency investment fraud [AMER]. Investigators cited a Burma compound, attempted expansion into Cambodia, seizure of a Telegram recruitment channel, 503 fake investment websites and more than $700 million in restrained cryptocurrency tied to alleged money laundering (Source: US Department of Justice, 23-04-2026).
Ransomware negotiator pleads guilty in BlackCat case — A Florida man who worked as a ransomware negotiator pleaded guilty in the United States to conspiring with BlackCat actors and deploying ransomware against US victims [AMER]. Court documents said he misused client negotiation data, including insurance limits and strategy positions, while law enforcement seized around $10 million in assets linked to proceeds of the offence (Source: US Department of Justice, 20-04-2026).
Policy & Standards
Japan forms financial cyber taskforce after AI concerns — Japan said in Tokyo that it will establish a taskforce to address cybersecurity risks in the financial system following concerns linked to Anthropic’s Mythos AI model [APAC]. The decision involved the Financial Services Agency, Bank of Japan, National Cybersecurity Office, major banks and Japan Exchange Group, signalling policy attention to model-linked systemic risk and sector-wide assurance (Source: Reuters, 24-04-2026).
NCSC recommends passkeys as default login option — The UK National Cyber Security Centre said in Glasgow that passkeys should become the default authentication option where consumer services support them [EMEA]. Its accompanying technical analysis compares traditional credentials and FIDO2 credentials against phishing, credential stuffing and adversary-in-the-middle attacks, giving service owners a standards-based route to reduce account-takeover evidence streams (Source: NCSC, 23-04-2026).
Editorial Perspective
This roundup shows how digital investigations now depend on linking evidence across credential platforms, cloud services, messaging channels, mobile devices, dark-web publication points and financial flows. The strongest investigative posture is built around the ability to preserve, compare and explain evidence across systems without losing context or chain of custody. Passport numbers, health datasets, phishing tools and SMS-blaster infrastructure all create different artefact classes, but each requires disciplined acquisition, validation and interpretation. The operational challenge is not simply finding data, but proving where it came from, how it moved and who controlled it at each stage.
The law enforcement and policy developments also show that attribution capability is becoming inseparable from international coordination. Scam-centre disruption, ransomware insider prosecution and regional policy action all depend on device seizures, transaction tracing, communications evidence and cross-border legal mechanisms. For investigators, readiness means having predefined routes to obtain platform records, correlate technical indicators and preserve material in a form that can withstand legal and regulatory scrutiny. The organisations best placed to respond will be those that treat evidential integrity as a standing operational capability, not a task assembled after compromise.
Reference Reading
- US Department of Justice: Scam Center Strike Force actions
- Cyber.gov.au: China-nexus covert networks advisory
- CrowdStrike: CVE-2026-40050 LogScale advisory
- NCSC: Traditional and FIDO2 credential security properties
- EEAS: EU, Thailand and ASEAN anti-scam cooperation
- NCSC: Cyber Essentials Requirements for IT Infrastructure v3.3