28th April – Threat Intelligence Report

Weekly Threat Intelligence Bulletin summarizing several ongoing and recent incidents: large data breaches (e.g., Yale New Haven Health ~5M affected, Blue Shield of California 4.7M), active exploitation of a critical SAP NetWeaver zero-day (CVE-2025-31324, CVSS 10.0) used to deploy webshells and Brute Ratel, a 126% year-over-year surge in ransomware activity with many victims, and additional campaigns including OAuth-targeting phishing, a compromised xrpl.js npm package used to steal crypto credentials, and other corporate and municipal compromises.