2nd March – Threat Intelligence Report

This weekly Threat Intelligence Bulletin highlights multiple active and high-impact threats: confirmed data breaches impacting millions of users and employee records (Wynn, ManoMano, UFP Technologies), ransomware extortion and leak-site activity (Qilin, Medusa), critical vulnerabilities being exploited in the wild (Roundcube RCE CVE-2025-49113, SolarWinds Web Help Desk pre-auth RCE chain, Cisco Catalyst SD‑WAN CVE-2026-20127), AI model abuse and credential-exfiltration flaws in Anthropic Claude, and ongoing malware/campaign activity (GrayCharlie with NetSupport/Stealc/SectopRAT). It summarizes observed TTPs, affected sectors, and recommended mitigations and protections from Check Point Research.