This pack covers a threat landscape dominated by three converging pressures: active exploitation of perimeter devices and network infrastructure (Lantronix EDS5000, Ubiquiti UniFi OS, Cisco Unified CM) requiring emergency containment; a sustained multi-vector supply chain compromise wave spanning SaaS OAuth trust chains, CI/CD pipelines, AI agent marketplaces, and data exfiltration by extortion actors; and an expanding cloud and endpoint visibility gap enabling identity abuse, credential harvesting, and living-off-the-land delivery through sanctioned tooling such as ClickOnce. Immediate attention is required for CVE-2025-67038 (CISA KEV, CVSS 9.8, actively exploited) and the FortiBleed IAB credential-harvesting campaign (110M credentials, 659 automated pipelines). Organizations should treat the supply chain cluster as a structural program risk requiring policy and architecture changes beyond one-time patching.