Daily Threat Briefing – May 2, 2026

THREAT LEVEL: CRITICAL — This briefing details multiple active, high-impact campaigns: AccountDumpling’s phishing operation that compromised 30,000 Facebook accounts; Russian military intelligence exploiting router vulnerabilities to harvest Microsoft Office authentication tokens; a China-aligned APT conducting coordinated espionage against governments, media, and activists; cybercriminal SaaS extortion using vishing and SSO abuse; and an urgent, exploitable cPanel RCE (CVE-2026-41940) with a CISA-mandated patch deadline. The report includes recommended mitigations and an immediate action checklist for patching, monitoring, and access controls.