This pack covers eight intelligence items spanning critical RCE vulnerabilities in AI pipeline and identity infrastructure, an active AI-augmented OAuth phishing campaign compromising 344 organizations, sustained Iran-linked ICS/OT operations against critical infrastructure, a DeFi protocol breach resulting in $24.5M extracted value, and credential-dependent SQL injection in a healthcare EHR platform. Immediate priorities are CVE-2026-33017 (Langflow RCE, CISA KEV, active exploitation, 20-hour dwell time) and the Microsoft OAuth phishing campaign (344 confirmed victims, persistent token-based access). Organizations in healthcare, government, and critical infrastructure face compounding risk from overlapping threat actors and attack patterns targeting both IT and OT environments.