This reporting period is dominated by unauthenticated remote code execution vulnerabilities across enterprise management platforms, Ivanti EPMM, Weaver E-cology, and Progress ShareFile SZC, all carrying CVSS scores of 9.8 and representing direct initial access vectors into corporate infrastructure. Simultaneously, APT28 is conducting an active credential-harvesting campaign via SOHO router DNS hijacking, operating entirely below the endpoint detection threshold. Immediate priorities are patching Ivanti EPMM (CISA KEV due 2026-04-11), blocking the Weaver E-cology debug endpoint, and auditing SOHO router DNS configurations across remote worker environments.