Canary Trap’s Bi-Weekly Cyber Roundup

Canary Trap’s bi-weekly roundup highlights active and diverse cybersecurity threats: a Fog ransomware incident and data leak at the University of Oklahoma; malicious npm/PyPI packages stealing Solana keys via Gmail SMTP and deleting files; Mercedes‑Benz MBUX vulnerabilities requiring physical access; FCC regulatory action following telecom intrusions attributed to Salt Typhoon; and a Telegram-based Sneaky 2FA AiTM phishing kit targeting Microsoft 365, together illustrating supply-chain, phishing, and state‑linked risks and recommended mitigations.