CISA adds SolarWinds Serv-U CVE-2026-28318 to KEV, DoS in the wild
CISA added CVE-2026-28318 — an unauthenticated DoS in SolarWinds Serv-U — to KEV on June 5. CVSS 7.5. Fix is 15.5.4 Hotfix 1. FCEB deadline June 19.
GMO Flatt Security's RyotaK chained a checkWritePermissions bot bypass with prompt injection to hijack any public repo running claude-code-action. Fix shipped in v1.0.94.
Cisco disclosed a command-injection zero-day in Catalyst SD-WAN Manager on June 5. Mandiant credited as reporter. CVSS 7.8, exploitation observed, no fix available.
Researcher Ammar Askar dropped a webview-postMessage exploit on June 2 that steals github.dev OAuth tokens via a single click. Microsoft shipped a stopgap fix the next day.
CISA added the two-year-old Oracle WebLogic auth-bypass CVE-2024-21182 to KEV on June 1, citing active exploitation. Federal agencies have until June 4 to patch.