The FBI has issued warnings about ongoing cyber espionage and cyberattack campaigns linked to Russian and Chinese threat actors targeting critical infrastructure and diplomatic entities. Russian hackers, specifically the FSB Center 16 unit and the group Static Tundra, have exploited an old Cisco software vulnerability to breach thousands of networking devices across U.S. critical infrastructure sectors, including manufacturing plants, power grids, and water treatment facilities.

Concurrently, a new phishing campaign built around the UpCrypter malware loader has been detected. It uses fake voicemails and purchase orders as lures to deliver remote access trojans (RATs) such as PureHVNC and DarkCrystal, giving the attackers full control over compromised systems.

Separately, Chinese hackers have conducted espionage operations against diplomats in Southeast Asia by hijacking Wi-Fi portals and deploying the PlugX backdoor via fake Adobe software updates signed with valid certificates. The campaign combines social engineering with malware that steals files, logs keystrokes, and executes remote commands.

In addition to these threats, a critical vulnerability (CVE-2025-9074) in Docker Desktop has been identified and patched; the flaw, rated CVSS 9.3, allowed a malicious container to escape and hijack the Windows host.

Furthermore, the Cybersecurity and Infrastructure Security Agency (CISA) has added three actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: two in Citrix Session Recording and one in Git (CVE-2025-48384). The Git flaw enables arbitrary code execution when a repository is cloned, and a proof-of-concept exploit is already public.

These developments underscore heightened cyber threats against critical infrastructure, diplomatic missions, and widely used software platforms.
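The fix for CVE-2025-48384 is upgrading Git, and nothing below replaces that. What a CI or build team can add on top is a pre-clone gate on `.gitmodules` before any recursive clone or `git submodule update`: Git's public advisory for this CVE concerns a submodule path carrying a trailing carriage return that is lost when Git rewrites its config, so the submodule lands in an unintended directory, and a symlink into `.git` can then turn that into a planted hook. The checker below is an added example written for this digest, not code from the article, The Hacker News, CISA, or the Git project. It refuses submodule paths containing control characters (a trailing CR in particular), parent-directory segments, absolute paths, or a `.git` component, and optionally scans a checkout for symlinks that resolve inside `.git`. The sample `.gitmodules` content and the `example.invalid` URLs are constructed for the demonstration.

```python
import os
import re
import sys

# Constructed sample .gitmodules (not from any real repository). The "tools"
# entry carries a trailing carriage return in its path and "escape" uses a
# parent-directory segment; a CI job should refuse both before running
# `git clone --recurse-submodules` or `git submodule update --init`.
SAMPLE_GITMODULES = (
    '[submodule "vendor/libfoo"]\n'
    '\tpath = vendor/libfoo\n'
    '\turl = https://example.invalid/libfoo.git\n'
    '[submodule "tools"]\n'
    '\tpath = tools\r\n'
    '\turl = https://example.invalid/tools.git\n'
    '[submodule "escape"]\n'
    '\tpath = ../outside\n'
    '\turl = https://example.invalid/outside.git\n'
)

_SECTION_RE = re.compile(r'^\s*\[submodule\s+"([^"]+)"\]\s*$')
_KEYVAL_RE = re.compile(r'^\s*([A-Za-z][A-Za-z0-9-]*)\s*=\s*(.*)$')
_CONTROL_RE = re.compile(r'[\x00-\x1f\x7f]')


def parse_gitmodules(text):
    """Parse .gitmodules into {name: {key: raw_value}} without touching the values.

    The text is split on '\\n' only: str.splitlines() treats '\\r' as a line
    terminator and would silently hide exactly the trailing CR we want to see.
    Values are stored verbatim (no strip()) for the same reason.
    """
    modules = {}
    current = None
    for raw in text.split("\n"):
        if raw.strip() == "" or raw.lstrip().startswith(("#", ";")):
            continue  # blank line or comment
        m = _SECTION_RE.match(raw)
        if m:
            current = modules.setdefault(m.group(1), {})
            continue
        m = _KEYVAL_RE.match(raw)
        if m and current is not None:
            current[m.group(1).lower()] = m.group(2)  # config keys are case-insensitive
    return modules


def check_submodule_path(path):
    """Return the reasons to refuse this submodule path (empty list if it is clean)."""
    reasons = []
    if _CONTROL_RE.search(path):
        reasons.append("control character in path (e.g. a trailing CR)")
    clean = path.rstrip("\r\n")
    if clean.startswith("/") or re.match(r"^[A-Za-z]:[\\/]", clean):
        reasons.append("absolute path")
    parts = [p for p in re.split(r"[\\/]+", clean) if p]
    if ".." in parts:
        reasons.append("parent-directory traversal")
    if any(p.lower() == ".git" for p in parts):
        reasons.append("path enters a .git directory")
    return reasons


def audit_gitmodules(text):
    """Return [(submodule_name, [reasons])] for every entry that must be refused."""
    findings = []
    for name, entry in parse_gitmodules(text).items():
        path = entry.get("path")
        if path is None:
            findings.append((name, ["missing path"]))
            continue
        reasons = check_submodule_path(path)
        if reasons:
            findings.append((name, reasons))
    return findings


def find_symlinks_into_git_dir(repo_dir):
    """List (link, target) for working-tree symlinks that resolve inside <repo>/.git.

    A symlink that redirects a checkout path into the hooks directory is the
    other half of a hook-planting chain, so such links are refused as well.
    """
    git_dir = os.path.realpath(os.path.join(repo_dir, ".git"))
    hits = []
    for root, dirs, files in os.walk(repo_dir):
        dirs[:] = [d for d in dirs if d != ".git"]  # never descend into .git itself
        for entry in dirs + files:
            full = os.path.join(root, entry)
            if os.path.islink(full):
                target = os.path.realpath(full)
                if target == git_dir or target.startswith(git_dir + os.sep):
                    hits.append((full, target))
    return hits


if __name__ == "__main__":
    findings = audit_gitmodules(SAMPLE_GITMODULES)
    for name, reasons in findings:
        print(f"REFUSE submodule {name!r}: {'; '.join(reasons)}")
    if len(sys.argv) > 1:  # optional: path of an existing checkout to scan for symlinks
        for link, target in find_symlinks_into_git_dir(sys.argv[1]):
            print(f"REFUSE symlink {link} -> {target}")
    sys.exit(1 if findings else 0)
```

Run it in a pipeline step between fetching the top-level repository (without submodules) and initialising them; a non-zero exit blocks the recursive step. The deliberate choice not to use `str.splitlines()` or `strip()` on values is the whole point of the parser: the convenient string helpers discard the very byte the check is looking for.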
CISA Adds Three Exploited Vulnerabilities to KEV Catalog Affecting Citrix and Git: https://t.co/cOpTW3ETvz by The Hacker News #infosec #cybersecurity #technology #news
CISA just flagged 3 new actively exploited flaws—two in Citrix Session Recording, one in Git. The Git bug (CVE-2025-48384) can let attackers run arbitrary code just by cloning a repo. Proof-of-concept exploit is already out. Here’s what you need to know ↓ https://t.co/GC6Gj0ew55
🚨 Diplomats in Southeast Asia were targeted in a cyber-espionage campaign earlier in 2025, likely waged in support of operations aligned with the strategic interests of China. The attacks, using social engineering and malware disguised as innocuous software updates, are https://t.co/GFYOgencs4