Canary Trap’s Bi-Weekly Cyber Roundup

This bi-weekly roundup highlights multiple active cyber threats: Microsoft-reported MSMQ post-patch failures affecting enterprise IIS; Ink Dragon (China-linked APT) conducting sophisticated intrusions using ShadowPad, FINALDRAFT and relay-style C2; GhostPoster trojanized Firefox extensions using steganography to deliver persistent malware to ~50k users; a PDVSA incident resembling ransomware that disrupted export administration; a SoundCloud breach impacting up to 20% of users; and critical Fortinet SAML vulnerabilities (CVE-2025-59718/59719) actively exploited and added to CISA’s KEV — collectively emphasizing urgent patching, incident response, and heightened vigilance.