Autonomous IT
Avsnitt

Patch [FIX] Tuesday – [Nothing Weaponized, Everything Exposed], E33

Dela

June 2026 has no headliner. Instead of one critical bug, the release spreads thin across the kernel, the network stack, a code editor, an AI assistant, a bootloader, and a nine-year-old Linux root bug. It's a breadth problem, not a severity one, and it changes how you triage.

Jason Kikta and Landon Miles break down the whole release, then step off the patch list for the breaches that never got a CVE: GitHub's internal repos reached through a poisoned VS Code extension, a TanStack compromise carrying valid SLSA provenance, and a Red Hat npm namespace compromise that fired the moment anyone ran npm install.

Podden och tillhörande omslagsbild på den här sidan tillhör Automox. Innehållet i podden är skapat av Automox och inte av, eller tillsammans med, Poddtoppen.