[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fYVVfXcaBsSF1cxmES3E9208O2oaNeeeL0bMMqliynlk":3},{"roundup":4},{"id":5,"week_label":6,"slug":7,"date_from":8,"date_to":9,"tldr":10,"full_brief":11,"top_iocs":12,"social_linkedin":62,"social_x":63,"article_count":64,"awareness_links":65,"status":126,"published_at":127,"created_at":128,"updated_at":128,"mastodon_posted_at":129,"executive_summary":130,"tagline":131,"cover_image_url":132},"e1355845-b108-4d98-a390-b16d705ef351","2026-W26","2026-w26","2026-06-22","2026-06-28","• 🔐 Russian intelligence escalated messaging app attacks, now targeting Signal Backup Recovery Keys to access historical message archives.\n• 🏭 PTC Windchill (CVE-2026-12569) and Cisco SD-WAN (CVE-2026-20245) are under active exploitation, with the Cisco zero-day abused months before patching.\n• 🔗 Supply chain attacks hit multiple fronts: Polymarket lost $3M via a vendor JS injection, Miasma campaign expanded to npm, GitHub Actions, and the Go ecosystem.\n• 🤖 AI security gaps widened on two fronts: Gaslight macOS malware weaponizes prompt injection to blind AI analysis tools, while a clean GitHub repo technique tricks AI coding agents into running malware.\n• 🪟 Linux kernel drew two local privilege escalation CVEs (pedit COW and DirtyClone) with public exploits released within 24 hours of disclosure.\n• 🌍 Europe is now ransomware's primary target region, with Qilin exploiting a Check Point VPN zero-day for six weeks before a CISA patch directive was issued.\n• 🏛️ Regulatory pressure intensified with CISA emergency patch deadlines, FCC cybersecurity rules for emergency alert systems, and GDPR fines for breach notification failures.","## Vulnerabilities & Exploits\n\n**[Cisco SD-WAN Zero-Day Exploited Months Before Patching](https:\u002F\u002Fwww.securityweek.com\u002Fcisco-sd-wan-zero-day-exploited-months-before-patching\u002F)**. Mandiant confirmed that CVE-2026-20245, a command injection flaw in Cisco Catalyst SD-WAN Manager, was actively exploited by an unknown threat actor at least two months before Cisco published patches in June 2026. Attackers uploaded a malicious CSV file (`evil_tenant.csv`) to escalate privileges to root, and likely chained the attack with previously disclosed authentication bypass flaws CVE-2026-20127 and CVE-2026-20182 for initial access. [Learn more](\u002Fawareness\u002Fcisco-sd-wan-zero-day-exploited-for-months-before-patch-arrival)\n\n**[CISA Adds PTC Windchill RCE and Cisco CUCM to KEV, Sets June 28 Deadline](https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fcisa-sets-urgent-deadline-to-fix-cisco-flaw-exploited-in-attacks\u002F)**. CISA added CVE-2026-12569 (PTC Windchill\u002FFlexPLM RCE, CVSS 9.3) and CVE-2026-20230 (Cisco Unified Communications Manager SSRF) to its Known Exploited Vulnerabilities catalog, mandating federal remediation by June 28. The Windchill flaw marks the first-ever KEV addition for a PTC product and is particularly concerning given Windchill's footprint in manufacturing and defense supply chains. [Learn more](\u002Fawareness\u002Fcritical-ot-device-flaw-exploited-in-the-wild-weeks-after-disclosure)\n\n**[Two Linux Kernel Local Privilege Escalation Flaws Drop Public Exploits](https:\u002F\u002Fthehackernews.com\u002F2026\u002F06\u002Fnew-linux-pedit-cow-exploit-enables.html)**. CVE-2026-46331 (pedit COW) and CVE-2026-43503 (DirtyClone) both allow unprivileged local users to gain root by corrupting cached binaries in memory. Public working exploits were available within 24 hours of CVE assignment for pedit COW; both affect major distributions including RHEL 8\u002F9\u002F10, Debian 11-13, and Ubuntu 18.04 through 26.04.\n\n**[macOS XPC Flaw Allowed Standard Users to Disable CrowdStrike and Kandji](https:\u002F\u002Fhackread.com\u002Fmacos-flaw-users-disable-crowdstrike-kandji-security-tools\u002F)**. XM Cyber discovered a vulnerability in macOS XPC inter-process communication that let unprivileged users hijack trusted applications via CDHash cache and NIB injection, then disable EDR tools including CrowdStrike Falcon Sensor and Kandji MDM Agent. Both vendors have patched the issue, and XM Cyber released an open-source detection tool, XPC Hunter, to help identify exploitation attempts.\n\n### Key Takeaway\nPrioritize patching CVE-2026-20245, CVE-2026-12569, and the two Linux kernel LPE CVEs immediately; audit unprivileged user namespace settings on Linux hosts and validate macOS EDR agent integrity.\n\n---\n\n## Ransomware & Breaches\n\n**[Check Point VPN Zero-Day Fueled Qilin Ransomware Wave for Six Weeks](https:\u002F\u002Fcyberscoop.com\u002Fwhy-security-patching-is-not-enough-cve-2026-50751-op-ed\u002F)**. CVE-2026-50751, an authentication bypass in Check Point Remote Access VPN, was exploited starting in early May before a CISA patch directive arrived on June 21, a six-week window during which a Qilin affiliate compromised dozens of organizations. The actor used Rclone for data exfiltration and Tox for C2, highlighting how patch directive lag creates durable exploitation windows. [Learn more](\u002Fawareness\u002Fsix-week-patch-gap-fuels-ransomware-wave-via-check-point-vpn-flaw)\n\n**[Europe Becomes Ransomware's Primary Target Region](https:\u002F\u002Fwww.darkreading.com\u002Fcybersecurity-analytics\u002Feurope-evolves-ransomware-favorite-region)**. Threat intelligence data indicates ransomware operators have strategically shifted focus to EU organizations and their supply chains following a period of global activity decline. The concentration on European targets aligns with broader geopolitical trends and the region's dense interconnection of critical infrastructure suppliers. [Learn more](\u002Fawareness\u002Feurope-becomes-ransomwares-primary-target-supply-chains-at-risk)\n\n**[LastPass Customer Data Exposed Again via Klue Third-Party Breach](https:\u002F\u002Fwww.wired.com\u002Fstory\u002Fsecurity-news-this-week-lastpass-users-had-their-data-stolen-again\u002F)**. A breach at Klue, a business intelligence partner integrated with LastPass, exposed customer names, phone numbers, email addresses, and physical addresses after attackers obtained OAuth tokens from Salesforce integrations. The incident is a textbook third-party data pipeline risk: LastPass's own systems were not compromised, but the vendor relationship created an exploitable data path.\n\n### Key Takeaway\nAudit third-party platform integrations for OAuth token scope and data retention, and review vendor breach notification SLAs before the next partner incident exposes your customer data.\n\n---\n\n## Supply Chain\n\n**[Miasma Mini Shai-Hulud Campaign Expands to npm, GitHub Actions, and Go Ecosystem](https:\u002F\u002Fthehackernews.com\u002F2026\u002F06\u002Fmiasma-malware-targets-npm-packages-and.html)**. The Miasma campaign compromised maintainer infrastructure for both LeoPlatform\u002FRStreams and ImmobiliareLabs Backstage npm packages, injecting malicious payloads that steal developer and CI\u002FCD secrets. The campaign exploited a GitHub Actions privilege escalation via a compromised third-party action (`codfish\u002Fsemantic-release-action`) and has now expanded to the Go ecosystem. Confirmed malicious file hashes include `32d1bc728d8e504952083a6adc488c309a401c7df4dc8f47b382ce32e4aebe21` (binding.gyp) and `57ba86f6f0caaa580c1dccdf4ed7873d1470e5ea2f8e9ca7a989dc04899f13c0` (leo-logger index.js).\n\n**[Polymarket Loses $3M After Third-Party Vendor JS Injection](https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fpolymarket-customers-lose-3-million-in-supply-chain-attack\u002F)**. Attackers compromised a third-party vendor serving JavaScript to Polymarket's frontend, injecting code that tricked users into approving fraudulent transactions. Approximately $3M in pUSD was stolen and bridged to Ethereum. Polymarket plans full reimbursement and confirmed its own backend systems were unaffected.\n\n**[Amazon Q Developer Flaw Let Malicious Repos Steal Cloud Credentials](https:\u002F\u002Fthehackernews.com\u002F2026\u002F06\u002Famazon-q-developer-flaw-could-let.html)**. CVE-2026-12957 (CVSS 8.5) affected all four Amazon Q Developer IDE plugins and allowed malicious MCP configuration files in cloned repositories to automatically execute arbitrary code and exfiltrate active AWS session credentials without user interaction beyond opening the repository. AWS has patched the issue in Language Servers for AWS 1.69.0 and added explicit consent prompts for untrusted MCP servers.\n\n**[Clean GitHub Repo Technique Tricks AI Coding Agents into Running Malware](https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fclean-github-repo-tricks-ai-coding-agents-into-running-malware\u002F)**. Researchers demonstrated an attack where a legitimate-looking GitHub repository with standard setup instructions causes AI coding agents like Claude Code to trigger a reverse shell during the setup sequence, bypassing both security scanners and human code review. The technique requires no malicious code visible in the repository itself.\n\n### Key Takeaway\nAudit all third-party GitHub Actions for supply chain compromise, pin action versions to commit SHAs, restrict npm publishing credentials to CI-only secrets, and treat MCP config files in cloned repositories as untrusted code.\n\n---\n\n## APT & Nation-State\n\n**[Russian Intelligence Targets Signal Backup Recovery Keys via Phishing](https:\u002F\u002Fthehackernews.com\u002F2026\u002F06\u002Ffbi-warns-russian-intelligence-hackers.html)**. The FBI and CISA updated their advisory on Russian Intelligence Services targeting commercial messaging apps, warning that actors UNC5792 and UNC4221 have evolved tactics to specifically steal Signal Backup Recovery Keys through social engineering. This enables restoration of full message history without breaking encryption, and has already compromised thousands of accounts globally targeting high-value individuals in government, military, and activism. [Learn more](\u002Fawareness\u002Fdecade-old-stolen-credential-enables-fake-emergency-alert-across-brazil)\n\n**[Turla Deploys New STOCKSTAY .NET Backdoor Against Ukraine and European Targets](https:\u002F\u002Fthehackernews.com\u002F2026\u002F06\u002Fgoogle-details-turlas-new-stockstay.html)**. Google detailed a new Turla (FSB) backdoor named STOCKSTAY that masquerades as stock market viewers, PDF readers, or calculators, using encrypted WebSocket channels (T1573.002) for C2. The implant shares code with Turla's older Kazuar backdoor and has targeted Ukrainian government and military organizations alongside entities interested in Italian foreign policy in the Netherlands, Poland, and Germany.\n\n**[New macOS Gaslight Malware Uses Prompt Injection to Blind AI Analysis Tools](https:\u002F\u002Fthehackernews.com\u002F2026\u002F06\u002Fnew-gaslight-macos-malware-uses-prompt.html)**. A North Korea-aligned threat actor deployed Gaslight, a Rust-based macOS implant that embeds fabricated system failure messages and prompt injection strings to cause AI-assisted triage tools to abort analysis. Gaslight uses a Telegram bot API for C2 (T1071.001) and a LaunchAgent for persistence (T1547.001, label `com.apple.system.services.activity`). The technique represents an escalation in AI-aware malware design. [Learn more](\u002Fawareness\u002Fgaslight-malware-weaponizes-ai-analysis-tools-via-prompt-injection)\n\n**[Chinese APT SharkLoader Campaign Hits Diplomatic and Government Targets](https:\u002F\u002Fthehackernews.com\u002F2026\u002F06\u002Fnew-sharkloader-malware-deploys-cobalt.html)**. A Chinese-speaking APT deployed SharkLoader, a new Cobalt Strike loader, against diplomatic and government organizations in Indonesia, Taiwan, and other countries, as well as software development companies. The StrikeShark campaign leveraged known Exchange vulnerabilities including ProxyLogon and ProxyNotShell for initial access.\n\n### Key Takeaway\nReview Signal account linked devices and disable unused device links for high-value personnel; update AI-assisted triage playbooks to flag analysis aborts as a potential Gaslight-style evasion indicator.\n\n---\n\n## Regulatory & Compliance\n\n**[FCC Approves New Cybersecurity Rules for Emergency Alert Systems and Undersea Cables](https:\u002F\u002Fcyberscoop.com\u002Ffcc-undersea-cable-regulations-national-security\u002F)**. The FCC passed regulations requiring basic cyber hygiene (strong passwords, patching, authentication IDs) for Emergency Alert System and Wireless Emergency Alert infrastructure, alongside updated national security review processes for undersea cable terminal equipment. Brazil's emergency alert system compromise via a decade-old stolen credential this week underscores the urgency of these baseline controls. [Learn more](\u002Fawareness\u002Fdecade-old-stolen-credential-enables-fake-emergency-alert-across-brazil)\n\n**[GDPR Enforcement: Romania Fines Altex, Poland Reprimands Data Processors](https:\u002F\u002Fgdprhub.eu\u002Findex.php?title=ANSPDCP_(Romania)_-_18.06.2026&diff=52001&oldid=0)**. Romania's ANSPDCP fined Altex Romania RON 52,086 (approximately €10,000) for failing to implement adequate security measures after a customer accessed a third party's personal data, and for missing breach notification obligations. Separately, Poland's UODO reprimanded a controller and multiple processors for GDPR integrity and accountability failures, fining the responsible sub-processor €2,415. [Learn more](\u002Fawareness\u002Faltex-romnia-fined-10000-after-customer-data-exposed-to-third-party)\n\n### Key Takeaway\nTest your GDPR breach notification workflows now: regulators are fining for failure to notify as much as for the underlying security failure, and the window is 72 hours.\n\n---\n\n## References\n\n- https:\u002F\u002Fthehackernews.com\u002F2026\u002F06\u002Ffbi-warns-russian-intelligence-hackers.html\n- https:\u002F\u002Fwww.securityweek.com\u002Fcisco-sd-wan-zero-day-exploited-months-before-patching\u002F\n- https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fcisa-sets-urgent-deadline-to-fix-cisco-flaw-exploited-in-attacks\u002F\n- https:\u002F\u002Fthehackernews.com\u002F2026\u002F06\u002Fmiasma-malware-targets-npm-packages-and.html\n- https:\u002F\u002Fthehackernews.com\u002F2026\u002F06\u002Fnew-gaslight-macos-malware-uses-prompt.html\n- https:\u002F\u002Fthehackernews.com\u002F2026\u002F06\u002Fnew-linux-pedit-cow-exploit-enables.html\n- https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fpolymarket-customers-lose-3-million-in-supply-chain-attack\u002F\n- https:\u002F\u002Fcyberscoop.com\u002Fwhy-security-patching-is-not-enough-cve-2026-50751-op-ed\u002F",[13,17,20,23,25,29,32,35,39,42,45,48,51,55,59],{"type":14,"value":15,"context":16},"cve","CVE-2026-12569","PTC Windchill and FlexPLM Improper Input Validation Vulnerability",{"type":14,"value":18,"context":19},"CVE-2026-20245","Cisco Catalyst SD-WAN command injection vulnerability exploited for root access.",{"type":14,"value":21,"context":22},"CVE-2026-20127","Previously disclosed Cisco SD-WAN authentication bypass vulnerability potentially used for initial access.",{"type":14,"value":24,"context":22},"CVE-2026-20182",{"type":26,"value":27,"context":28},"malware","evil_tenant.csv","Malicious CSV file used to exploit CVE-2026-20245.",{"type":26,"value":30,"context":31},"MLTBackdoor","Alternative tracking name for the Mistic backdoor.",{"type":26,"value":33,"context":34},"ModeloRAT","Python remote access trojan dropped alongside Mistic.",{"type":36,"value":37,"context":38},"mitre_attack","T1071.001","Telegram bot API based command-and-control (C2) channel",{"type":36,"value":40,"context":41},"T1547.001","Persistence via LaunchAgent with label 'com.apple.system.services.activity'",{"type":26,"value":43,"context":44},"Gaslight","Name of the macOS implant and information stealer",{"type":36,"value":46,"context":47},"T1573.002","Encrypted WebSocket channel for C2.",{"type":36,"value":49,"context":50},"T1078.004","Cloud Accounts (via social engineering)",{"type":52,"value":53,"context":54},"url","https:\u002F\u002Fevokesystems.com\u002Fcontact-us\u002F","EVoke Systems vendor contact for vulnerability remediation information",{"type":56,"value":57,"context":58},"hash_sha256","32d1bc728d8e504952083a6adc488c309a401c7df4dc8f47b382ce32e4aebe21","binding.gyp file in LeoPlatform\u002FRStreams packages",{"type":56,"value":60,"context":61},"57ba86f6f0caaa580c1dccdf4ed7873d1470e5ea2f8e9ca7a989dc04899f13c0","index.js file in leo-logger@1.0.8","This week in threat intelligence, attackers didn't need new tricks. They used old zero-days, vendor trust, and AI blind spots to do serious damage.\n\nTop stories from the ThreatNoir 2026-W26 Weekly Roundup:\n\n- Cisco SD-WAN CVE-2026-20245 was exploited for 2 months before patching. Root access at a service provider. CISA KEV deadline already passed.\n- PTC Windchill RCE (CVE-2026-12569) hit KEV with active web shell deployment against industrial and manufacturing targets.\n- Miasma supply chain campaign expanded from npm to GitHub Actions to the Go ecosystem, harvesting developer and CI\u002FCD secrets.\n- North Korea's Gaslight macOS implant uses prompt injection to force AI triage tools to abort analysis. Malware is now AI-aware.\n- Russian intelligence shifted Signal targeting to Backup Recovery Keys, enabling full message history access without breaking encryption.\n\nFull roundup: https:\u002F\u002Fthreatnoir.com\u002Fweekly\u002F2026-w26\n\n#ThreatIntelligence #CyberSecurity #SupplyChainSecurity #Ransomware #ZeroDay","This week: Cisco SD-WAN zero-day exploited 2 months pre-patch, Gaslight malware blinds AI triage tools, Miasma hits npm+Go supply chain, Russia steals Signal backup keys. Patch now, trust nothing. Full roundup: https:\u002F\u002Fthreatnoir.com\u002Fweekly\u002F2026-w26",80,[66,69,72,75,78,81,84,87,90,93,96,99,102,105,108,111,114,117,120,123],{"slug":67,"title":68},"credential-stuffing-attack-nets-600k-in-draftkings-breach","Credential Stuffing Attack Nets $600K in DraftKings Breach",{"slug":70,"title":71},"cisco-sd-wan-zero-day-exploited-for-root-access-via-command-injection","Cisco SD-WAN Zero-Day Exploited for Root Access via Command Injection",{"slug":73,"title":74},"cisco-sd-wan-zero-day-exploited-weeks-before-public-disclosure","Cisco SD-WAN Zero-Day Exploited Weeks Before Public Disclosure",{"slug":76,"title":77},"cisco-sd-wan-zero-day-exploited-for-root-access-before-public-disclosure","Cisco SD-WAN Zero-Day Exploited for Root Access Before Public Disclosure",{"slug":79,"title":80},"chrome-149-patches-18-severe-flaws-including-critical-rce-risks","Chrome 149 Patches 18 Severe Flaws Including Critical RCE Risks",{"slug":82,"title":83},"cisco-sd-wan-zero-day-exploited-for-months-before-patch-arrival","Cisco SD-WAN Zero-Day Exploited for Months Before Patch Arrival",{"slug":85,"title":86},"25-year-old-curl-flaw-highlights-legacy-code-risk-and-ai-assisted-discovery","25-Year-Old Curl Flaw Highlights Legacy Code Risk and AI-Assisted Discovery",{"slug":88,"title":89},"six-week-patch-gap-fuels-ransomware-wave-via-check-point-vpn-flaw","Six-Week Patch Gap Fuels Ransomware Wave via Check Point VPN Flaw",{"slug":91,"title":92},"mistic-backdoor-uses-clickfix-lures-and-dll-side-loading-to-evade-detection","Mistic Backdoor Uses ClickFix Lures and DLL Side-Loading to Evade Detection",{"slug":94,"title":95},"altex-romnia-fined-10000-after-customer-data-exposed-to-third-party","Altex România Fined €10,000 After Customer Data Exposed to Third Party",{"slug":97,"title":98},"decade-old-stolen-credential-enables-fake-emergency-alert-across-brazil","Decade-Old Stolen Credential Enables Fake Emergency Alert Across Brazil",{"slug":100,"title":101},"critical-ot-device-flaw-exploited-in-the-wild-weeks-after-disclosure","Critical OT Device Flaw Exploited in the Wild Weeks After Disclosure",{"slug":103,"title":104},"ndr-is-essential-as-vulnerability-discovery-outpaces-defense","NDR Is Essential as Vulnerability Discovery Outpaces Defense",{"slug":106,"title":107},"gitlab-xss-and-info-disclosure-flaws-demand-immediate-patching","GitLab XSS and Info Disclosure Flaws Demand Immediate Patching",{"slug":109,"title":110},"fake-ai-tools-and-commoditized-access-threaten-smbs-in-2026","Fake AI Tools and Commoditized Access Threaten SMBs in 2026",{"slug":112,"title":113},"europe-becomes-ransomwares-primary-target-supply-chains-at-risk","Europe Becomes Ransomware's Primary Target — Supply Chains at Risk",{"slug":115,"title":116},"uk-police-predictive-analytics-program-fails-accuracy-and-transparency-tests","UK Police Predictive Analytics Program Fails Accuracy and Transparency Tests",{"slug":118,"title":119},"gaslight-malware-weaponizes-ai-analysis-tools-via-prompt-injection","Gaslight Malware Weaponizes AI Analysis Tools via Prompt Injection",{"slug":121,"title":122},"smart-tv-proxyware-decade-old-curl-bug-and-api-takeover-highlight-systemic-security-gaps","Smart TV Proxyware, Decade-Old curl Bug, and API Takeover Highlight Systemic Security Gaps",{"slug":124,"title":125},"cal-water-breach-traced-to-third-party-platform-accounts-not-ot-systems","Cal Water Breach Traced to Third-Party Platform Accounts, Not OT Systems","published","2026-06-28T05:00:04.374+00:00","2026-06-28T05:02:16.035945+00:00",null,"### The week in one line\nNetwork edges, AI toolchains, and third-party vendors gave attackers durable footholds across every sector.\n\n### What happened\nAttackers moved fast on newly disclosed vulnerabilities while also collecting returns on months-old zero-days. Two Linux kernel privilege escalation flaws dropped public exploits within 24 hours of disclosure. The Cisco SD-WAN zero-day (CVE-2026-20245) had been exploited for two months before patching. Supply chain operations simultaneously hit npm, GitHub Actions, the Go ecosystem, and a crypto prediction market's frontend vendor.\n\n- CVE-2026-20245 (Cisco SD-WAN) exploited via command injection for root access at a communications service provider, two months before disclosure\n- CVE-2026-12569 (PTC Windchill RCE) added to CISA KEV with active web shell deployment against industrial targets\n- Miasma Mini Shai-Hulud campaign compromised LeoPlatform, RStreams, and ImmobiliareLabs npm packages, expanded to Go ecosystem\n- Gaslight macOS implant (North Korea-linked) deployed prompt injection to disable AI-assisted malware triage\n- Russian intelligence (UNC5792, UNC4221) escalated Signal targeting to steal Backup Recovery Keys for full message history access\n\n### Why it matters for defenders and leaders\nThe exploitation timeline compression is real: two of this week's most significant flaws were being abused before defenders had a patch to apply. At the same time, attackers are actively probing the weakest links in modern security practice, specifically AI analysis pipelines and developer supply chains, which receive less scrutiny than traditional network perimeters.\n\n- A six-week gap between Check Point VPN exploitation and the CISA patch directive enabled a Qilin ransomware wave across dozens of organizations\n- AI coding agents and developer IDE plugins (Amazon Q CVE-2026-12957) now represent credential exfiltration surfaces requiring the same trust controls as production systems\n- Third-party SaaS integrations (Klue\u002FLastPass, Polymarket vendor) are bypassing perimeter controls to expose customer data and steal funds\n- Linux LPE exploits (pedit COW, DirtyClone) with public PoCs are available right now for unpatched RHEL, Debian, and Ubuntu hosts\n\n### What to do this week\n- Patch CVE-2026-20245 (Cisco SD-WAN), CVE-2026-12569 (PTC Windchill), CVE-2026-20230 (Cisco CUCM), and the two Linux LPE CVEs (CVE-2026-46331, CVE-2026-43503) before end of week\n- Audit all GitHub Actions workflows for pinned action SHAs and review third-party actions like codfish\u002Fsemantic-release-action for tampering\n- Update Amazon Q Developer IDE plugins to Language Servers for AWS 1.69.0 or later and enable explicit MCP server consent prompts\n- Review Signal linked devices for high-value personnel and disable unused device links to limit exposure to backup key theft\n- Inventory third-party OAuth token grants and Salesforce integrations to identify lateral data exposure paths similar to the Klue breach","Zero-days aged, AI went blind, supply chains cracked","https:\u002F\u002Fcdn.threatnoir.com\u002Fweekly\u002F2026-w26-cover.png"]