This pack covers four high-priority intelligence items spanning a CISA-KEV-listed unauthenticated RCE in Fortinet FortiClient EMS, an active Storm-1175 Medusa ransomware campaign exploiting 16 CVEs across edge devices with sub-24-hour dwell time, a DPRK state-sponsored $280M+ DeFi heist by UNC4736 via supply chain and social engineering, and ongoing Kimsuky/ScarCruft phishing operations abusing GitHub and Dropbox as C2 channels. Immediate action is required on CVE-2026-35616 (CISA KEV deadline 2026-04-09) and all internet-facing systems targeted by Storm-1175. DPRK-affiliated threat actors dominate three of the four items, reflecting a sustained, multi-vector campaign pattern targeting financial, governmental, and technology sector organizations.