This reporting period is dominated by two converging threat categories: state-sponsored APT firmware implantation targeting Cisco network perimeter devices (UAT4356/ArcaneDoor), and identity-layer attacks exploiting social engineering and API abuse to bypass MFA and exfiltrate data from cloud platforms. The Cisco ASA/FTD firmware backdoor (FIRESTARTER) demands immediate triage because patches alone cannot remediate confirmed compromises, affected organizations must reimage hardware. Secondary threats include a structurally significant shift in phishing methodology toward AI-personalized lures that invalidate signature-based detection, and a publicly exploitable local privilege escalation in PackageKit affecting all major Linux distributions.