News Roundups

Here you can access the latest 48hr Global News Roundups from DFM

We scour the internet to find the latest stories relating to:

DFIR, Cyber Investigations, Major Cyber Incidents, Exploits & Threat Intelligence, Law Enforcement, Policy, and Standards & Compliance

We also provide an Editorial Perspective and a Reference List for further reading.

NEWS ROUNDUP – 12th September 2025

12/09/2025

Supply-chain breaches dominate the window: Jaguar Land Rover confirms a data compromise and UK rail operator LNER warns customers after a supplier attack. CISA adds an actively exploited DELMIA Apriso flaw to KEV. Europol names a suspected ransomware admin Most Wanted. Policy shifts include EU Data Act switching duties and US debate over reauthorizing CISA 2015 before September 30 sunset.

NEWS ROUNDUP – 10th September 2025

10/09/2025

In the past 48 hours, defenders juggled Plex breach fallout, Microsoft’s Patch Tuesday triage, and npm supply-chain hijacks. Adobe Commerce shipped critical fixes, while healthcare and media breaches broadened impact. U.S. prosecutors charged a multi-ransomware administrator and posted rewards. Takeaways: accelerate credential resets, lock down publish keys, and run disciplined emergency patch cycles. Prioritize monitoring, SBOM mapping, and phishing verification.

NEWS ROUNDUP – 8th September 2025

08/09/2025

Chinese threat actors impersonated a U.S. lawmaker in a spyware campaign, while a ransomware group disrupted operations at Ireland’s K Club. CISA flagged a critical Sitecore CVE under active exploitation. A U.S. bill to extend cyber intel sharing advanced. DFIR teams must prioritise patching, phishing defences, and policy tracking this week.

NEWS ROUNDUP – 6th September 2025

06/09/2025

In the past 48 hours, defenders faced urgent patch mandates for Sitecore and SAP S/4HANA exploitation, while Google fixed two Android zero-days. Investigations revealed a Chess.com data breach and GhostRedirector SEO hijacks. Major disruptions hit Jaguar Land Rover, and policy shifts saw U.S. info-sharing reauthorization progress alongside EU and Czech regulatory actions.

NEWS ROUNDUP – 3rd September 2025

03/09/2025

Ransomware disrupted Sweden’s municipal IT and Pennsylvania’s Attorney General’s office, while attackers abused Velociraptor and VS Code tunnels for stealthy access. New threats include WhatsApp zero-click exploits, TamperedChef malvertising, Brokewell Android malware, and ScarCruft’s RokRAT espionage. Indian police dismantled trafficking-to-scam pipelines and online fraud rings, underscoring cybercrime’s human dimension alongside technical threats.

NEWS ROUNDUP – 1st September 2025

01/09/2025

NEWS ROUNDUP – 29th August 2025

29/08/2025

Salesforce OAuth token abuse, cloud-native ransomware, and NetScaler zero-day exploitation dominated the last 48 hours. Investigators tracked PRC router persistence, PlugX delivery, and major breaches at TransUnion and Nevada state services. Policy and law enforcement actions tightened around DPRK fraud and PRC laundering networks, while NIST issued new IoT behavior and control updates.

NEWS ROUNDUP – 27th August 2025

27/08/2025

A 48-hour sweep of cyber developments highlights urgent Citrix NetScaler and Docker zero-days, ransomware hitting Nevada state services and Nissan’s design unit, and fresh AI threat vectors. DFIR teams gain new IR guidance, while ENISA takes charge of the EU Cyber Reserve. Cross-sector vigilance remains essential amid escalating threats.

NEWS ROUNDUP – 25th August 2025

25/08/2025

DFIR & Incident Response Elastic: How to reduce alert overload in defence SOCs (2025-08-22, EMEA). Guidance focuses on AI-powered triage and automation to cut false positives and accelerate investigations. DFIR teams can operationalize these tactics to preserve analyst capacity and […]