This pack covers four distinct threat clusters active as of May 2026: a confirmed critical PAN-OS zero-day (CVE-2026-0300) under active exploitation against internet-facing firewalls; a large-scale data breach of Instructure Canvas affecting up to 275 million education sector records attributed to ShinyHunters; a cluster of supply-chain and web infrastructure vulnerabilities spanning Apache HTTP Server, MOVEit Automation, and the Axios npm library; and a China-nexus APT (UAT-8302) conducting state-directed espionage against government entities. The PAN-OS zero-day requires immediate containment action as no patch exists and exploitation is confirmed across 5,800+ exposed devices. The Instructure breach and UAT-8302 campaign demand parallel urgent attention from organizations in education and government sectors respectively.