This pack covers a threat landscape dominated by three converging patterns: active large-scale credential harvesting against network edge devices (FortiBleed IAB operation across 430,000+ FortiGate firewalls), systemic cloud detection and identity governance failures being exploited across multi-cloud environments, and a cluster of Windows endpoint abuse techniques leveraging trusted platform mechanisms (ClickOnce) to achieve persistent, privilege-free footholds. Immediate attention is warranted on the FortiBleed campaign (CVSS 9.5, active IAB operation with GPU-accelerated credential cracking at scale), the FFmpeg CVE-2026-8461 heap overflow enabling zero-click RCE against automated media pipelines, and cloud bucket namespace hijacking enabling silent, IAM-bypassing data stream redirection. The identity governance thread, spanning NHI credential abuse, cloud IAM misconfiguration, and AI agent access control gaps, runs across all scenarios and represents the structural risk requiring the longest remediation horizon.