#CVE

Cisco SD-WAN CVSS 10.0, Three Claude Vulnerabilities, NuGet/npm Supply Chain Attacks

Covers Cisco SD-WAN authentication bypass and UAT-8616's three-year campaign, NuGet/npm supply chain attacks, and Claude Code/Desktop Extensions/Mexico government breach.

CVE-2026-24765: RCE in PHPUnit's PHPT test runner

An unsafe deserialization vulnerability was found in PHPUnit's PHPT test runner. This article summarizes the risk to CI/CD pipelines and how to mitigate it.

Five vulnerabilities hit Svelte and SvelteKit, update now

A summary of the five Svelte/SvelteKit ecosystem vulnerabilities disclosed in January 2026. They include serious DoS, SSRF, and XSS issues.