Attackers are leveraging unauthenticated RCE in Hugging Face’s LeRobot, exploiting privilege escalation flaws in Microsoft’s Entra ID, and using AI for job scams. The shrinking window for defense underscores the need for swift response, advanced detection, and diligent security hygiene across both legacy and emerging technologies.