This pack covers an active wave of critical exploitation targeting enterprise network edge devices, Fortinet FortiClientEMS, Citrix NetScaler ADC/Gateway, and F5 BIG-IP APM, all confirmed or actively probed for exploitation, with three of four CVEs listed in CISA KEV. Simultaneously, a financially motivated data theft and extortion operation by ShinyHunters against Telus Digital underscores supply chain credential risk, while the public leak of the DarkSword iOS exploitation tool and nine Linux AppArmor privilege escalation flaws broaden the threat surface to endpoints and infrastructure. Immediate action is required on all three edge device CVEs; federal agencies face a March 30, 2026 remediation deadline for CVE-2025-53521.