Cybersecurity researchers from Trend Micro have reported that cybercriminals, allegedly backed by at least six nation-states, are exploiting a zero-day vulnerability in Microsoft Windows. This vulnerability is being used for espionage and to steal sensitive data, including cryptocurrency. Additionally, a critical Ingress NGINX Controller vulnerability has been identified, allowing remote code execution without authentication, posing a severe risk to Kubernetes environments. This vulnerability, referred to as IngressNightmare, has been described as one of the most critical security issues affecting Kubernetes in recent years. The attack chain can lead to a full takeover of public-facing Kubernetes clusters. Furthermore, Microsoft has unveiled that its systems are also under threat from the StilachiRAT malware, which targets cryptocurrency wallet users on Chrome, compromising credentials from popular wallet extensions such as Coinbase and Phantom. Other vulnerabilities affecting VMware Windows Tools and NTLM hashes have also been reported, with patches being issued to mitigate these risks.