This pack covers four intelligence items spanning a critical AI/ML supply chain compromise campaign (Silver Fox/ValleyRAT), a resilient Android banking trojan with blockchain-based C2 (TrickMo.C), a developing SaaS data breach affecting higher education institutions (Instructure/Canvas), and a high-severity unauthenticated memory leak in Ollama AI inference servers (Bleeding Llama). Two dominant attack patterns emerge: exploitation of the AI/ML ecosystem as an initial access vector and credential theft as the primary objective across multiple campaigns. The Silver Fox ValleyRAT campaign requires immediate containment action given its confirmed 244,000-system reach and active supply chain exposure.