7th April – Threat Intelligence Report

**Executive summary:** This weekly Threat Intelligence Bulletin reports multiple active ransomware incidents and large data breaches (State Bar of Texas, Port of Seattle, Lower Sioux tribe, Royal Mail supply‑chain exposure, Europcar, Chord Dental), critical and actively exploited vulnerabilities (Cisco Smart Licensing, Ivanti CVE-2025-22457 exploited by UNC5221, Apple zero-days patched), and several malware campaigns and weaponized delivery techniques (PDF weaponization, fileless cryptomining, BlackSuit ransomware distribution). Organizations should prioritize patching exposed appliances, monitoring for ransomware and exfiltration indicators, and hardening public-facing services and supply-chain integrations.