Three campaign-level items lack confirmed vendor attribution in available source data. The China-nexus APT campaign against Southeast Asian military networks (SCC-CAM-2026-0038) uses LOLBins and custom backdoors without confirmed CVEs or specific vendor targets. The simultaneous exploitation wave (SCC-CAM-2026-0039) includes a reported AWS CI/CD supply chain attack and dual router botnet campaigns alongside the Chrome zero-days (addressed under the Google entry); all details are provisional and require corroboration from AWS and affected router vendors before finalizing incident response scope. The GlassWorm dependency-layer supply chain campaign (SCC-CAM-2026-0040) affects software dependency ecosystems broadly with specific package managers and registries unconfirmed; the primary action is auditing SCA tooling coverage for transitive dependency inspection rather than patching a named vendor product.