This pack covers eight intelligence items spanning three dominant attack patterns: supply chain and developer credential compromise (AUR/npm weaponization), unauthenticated remote code execution across Windows and Cisco SD-WAN infrastructure (six CVEs including two CVSS 10.0/9.8 chains), and multi-vector data integrity attacks targeting breach notification infrastructure, financial sector vendors, and educational institutions. Immediate action is required on the Cisco SD-WAN three-CVE chain (confirmed federal exploitation, CISA Emergency Directive 26-03) and the AUR eBPF supply chain campaign (400+ packages, developer credential exfiltration with CI/CD downstream risk). The Microsoft June 2026 Patch Tuesday 206-CVE release and the Outsider Enterprise PhaaS smishing operation represent parallel high-urgency tracks requiring triage within 24 hours.