In this week’s edition of The Cyber Express weekly roundup, some interesting news and cybersecurity stories share an interesting shift in the cyber domain. Critical developments span space cybersecurity, AI vulnerabilities, mobile malware, and global regulatory enforcement, highlighting how digital threats are becoming more sophisticated and interconnected.  

From government-led initiatives to strengthen national defense, to high-profile breaches impacting multinational enterprises, and the rise of AI-augmented attacks, this cybersecurity news digest provides a detailed snapshot of the challenges facing organizations, agencies, and individual users worldwide. 

This weekly roundup from The Cyber Express emphasizes the urgent need for stakeholders across all sectors to stay informed, adapt strategies in real time, and anticipate new cyber threats before they escalate. 

The Cyber Express Weekly Roundup 

India Strengthens Space Cybersecurity 

India has unveiled new space cybersecurity guidelines developed jointly by the Indian Computer Emergency Response Team (CERT-In) and SatCom Industry Association India (SIA-India). Announced at the DefSat Conference & Expo 2026 in New Delhi, the framework introduces risk-based, secure-by-design practices for satellites, ground systems, and supply chains. Read more… 

Apple Devices Certified for NATO Restricted Data 

Apple Inc. has become the first consumer device maker approved to handle NATO “restricted” classified information on standard iPhone and iPad devices running iOS 26 and iPadOS 26. Certification, granted following testing by Germany’s Federal Office for Information Security, allows personnel across NATO member states to use commercial devices without specialized security software. Read more… 

OpenClaw Vulnerability Threatens Local AI Agents 

Security researchers have discovered a critical flaw in the open-source AI agent OpenClaw, allowing any malicious website visited by a developer to hijack the locally running agent. The vulnerability, present in OpenClaw’s local WebSocket gateway, permitted password brute-forcing and administrative access without plugins or user interaction. Read more… 

Cisco SD-WAN Zero-Day Exploitation Spans Three Years 

Cisco Systems’ Catalyst SD-WAN controllers were compromised via a critical zero-day flaw (CVE-2026-20127) for at least three years, according to Cisco Talos. Threat actors exploited the authentication bypass to gain administrative access and insert rogue peers, chaining the exploit with an older vulnerability (CVE-2022-20775) to escalate privileges while avoiding detection. Read more… 

U.S. Sanctions Russian Zero-Day Broker 

The U.S. Department of State sanctioned Operation Zero, a Russia-linked cyber brokerage network, targeting Russian national Sergey Sergeyevich Zelenyuk and associated entities. Authorities allege Australian national Peter Williams stole eight classified exploits from a U.S. defense contractor between 2022 and 2025, selling them for $1.3 million in cryptocurrency. Read more… 

X Appeals €120M EU Fine 

Social media platform X has filed an appeal against a €120 million penalty under the EU Digital Services Act, challenging enforcement related to its paid verification system, advertising disclosures, and public data access for researchers. X claims procedural errors and misinterpretation of obligations, framing the case as a precedent-setting test for platform accountability, user trust, and regulatory compliance. Read more… 

Weekly Takeaway 

This week’s The Cyber Express weekly roundup highlights how cybersecurity risks are advancing across sectors, from national space programs to AI agents, mobile malware, and critical infrastructure. Organizations and regulators must adapt in real time, balancing innovation with governance, monitoring, and incident preparedness. As this cybersecurity news highlights, proactive measures remain essential in a complex digital environment.