Critical Check Point VPN and Linux kernel flaws under active exploitation; NSO spyware defies court order
ID: d335ee5e-c36c-506f-9a4f-881aeded087b
STIX ID: report--d335ee5e-c36c-506f-9a4f-881aeded087b
Feed Name: defend.network – Daily Threat Briefings
**TL;DR:** Multiple critical, actively exploited threats: a Check Point Remote Access VPN zero-day (CVE-2026-50751) enabling password bypass, a Linux kernel nf_tables local root exploit (CVE-2026-23111) with public PoC, NSO Group WhatsApp spear‑phishing, NFCShare Android malware delivered via fake GitHub app updates, and a Shai‑Hulud PyPI supply‑chain compromise of 19 packages — prioritize patching, isolate vulnerable IKEv1 VPNs, audit kernels and dependencies, rotate exposed credentials, and increase detection for these IOCs.
