This pack covers four intelligence items across three distinct attack patterns: a sophisticated npm supply chain campaign (Shai-Hulud Gen 3 / TeamPCP) targeting enterprise CI/CD pipelines with automated credential exfiltration; an automated OAuth phishing campaign (ConsentFix v3) that architecturally bypasses MFA against Azure Entra ID environments; and two items covering a critical authentication bypass zero-day (CVE-2026-41940) in cPanel/WHM alongside a separately critical Linux kernel privilege escalation (CVE-2026-31431) that enables container escape with near-100% reliability. Three of four items carry critical severity ratings; immediate action is required on the npm supply chain campaign and cPanel zero-day due to active or near-active exploitation, while the Linux kernel flaw demands urgent patching given public PoC availability and broad distribution exposure.