This pack covers three active threats spanning web application exploitation, endpoint management compromise, and large-scale residential proxy botnet abuse. Two items involve confirmed active exploitation, CVE-2026-8732 (WP Maps Pro unauthenticated admin creation) and CVE-2026-35616 (Fortinet FortiClient EMS zero-day delivering EKZ infostealer), requiring immediate containment action. The dominant pattern across all three scenarios is identity and access abuse: attackers are either creating unauthorized accounts, stealing credentials, or routing malicious traffic through trusted identities to evade detection.
