This pack covers three active threats spanning critical infrastructure OT/ICS exploitation, targeted mobile spyware against high-risk personnel, and an actively exploited denial-of-service vulnerability in widely deployed file transfer software. The ATG fuel infrastructure campaign demands immediate network isolation action given confirmed active exploitation of 900+ systems and potential for physical safety consequences. CVE-2026-28318 in SolarWinds Serv-U carries a CISA KEV remediation deadline of 2026-06-19, leaving organizations fewer than 15 days to patch before federal compliance deadlines lapse.