What Happened
Monday recap. Same mess, new week. A sketchy dev tool got people pwned, old bugs came back from the dead, and security products somehow needed protecting from themselves. A bunch of companies spent the week checking old boxes and forgotten servers they should've patched years ago. Good times. Phishing crews are getting smarter too - less obvious scam junk, more targeted stuff that actually
Why It Matters
The article is a weekly security recap highlighting multiple critical vulnerabilities and active exploitation campaigns, including a GitHub breach via a poisoned Nx Console VS Code extension and a large set of newly disclosed high-severity CVEs across infrastructure, security products, and AI-adjacent software such as Open WebUI, SGLang, and ChromaDB.[1][3] It also reports router botnet activity that leverages both old and new network device flaws, and it emphasizes that many incidents stem from outdated, poorly managed components in the software and hardware supply chain.[1] From a CyberSE.AI perspective, these events underline how compromised developer tools, extensions, and open-source components can silently propagate into AI application pipelines, and how AI-facing services (e.g., model backends, AI web UIs, data connectors) must be treated as critical supply chain assets. Organizations should implement SBOM-based dependency tracking, continuous vulnerability management for AI-related components, and hardening and monitoring of the developer environments and CI pipelines that feed AI agents and services.
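The SBOM-based tracking recommended above can be reduced to a small, repeatable check: read the inventory, compare each AI-stack component's installed version with the first fixed version from an advisory feed, and report what is behind. The following Python is an added illustration, not code from The Hacker News article or from CyberSE.AI. The SBOM fragment follows the CycloneDX JSON layout, but its versions, the advisory identifiers, and the "fixed in" versions are constructed placeholders, not real advisories for Open WebUI, SGLang, or ChromaDB.

```python
"""Minimal SBOM-driven vulnerability check for AI-stack components.

Added illustration, not code from The Hacker News or CyberSE.AI. It reads a
CycloneDX-style JSON SBOM and flags components whose installed version sorts
below the 'fixed in' version from an advisory feed. All versions and advisory
ids below are constructed placeholders.
"""
import json
import re

# Constructed SBOM fragment in CycloneDX JSON layout (components[] carrying
# name/version/purl). The versions are placeholders, not real releases.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX",
    "specVersion": "1.5",
    "components": [
        {"type": "application", "name": "open-webui", "version": "0.3.10",
         "purl": "pkg:pypi/open-webui@0.3.10"},
        {"type": "library", "name": "sglang", "version": "0.4.2",
         "purl": "pkg:pypi/sglang@0.4.2"},
        {"type": "library", "name": "chromadb", "version": "0.5.0",
         "purl": "pkg:pypi/chromadb@0.5.0"},
    ],
})

# Constructed advisory feed: package -> (placeholder id, first fixed version).
# These are NOT real CVE numbers or fix versions.
SAMPLE_ADVISORIES = {
    "open-webui": ("ADVISORY-PLACEHOLDER-1", "0.3.11"),
    "sglang": ("ADVISORY-PLACEHOLDER-2", "0.4.2"),
    "chromadb": ("ADVISORY-PLACEHOLDER-3", "0.5.4"),
}


def parse_version(text):
    """Turn '1.2.3' (optionally with a trailing pre-release tag such as
    '1.2.3-rc1') into a tuple of ints. Suffixes after '-' are dropped; this is
    deliberately simpler than full PEP 440 handling."""
    nums = re.findall(r"\d+", text.split("-")[0])
    return tuple(int(n) for n in nums)


def is_vulnerable(installed, fixed_in):
    """A component is affected when its version sorts below the fix.
    Tuples are zero-padded so that '1.2' compares equal to '1.2.0'."""
    a, b = parse_version(installed), parse_version(fixed_in)
    width = max(len(a), len(b))
    a += (0,) * (width - len(a))
    b += (0,) * (width - len(b))
    return a < b


def check_sbom(sbom_json, advisories):
    """Return a list of (name, installed, advisory_id, fixed_in) findings for
    every SBOM component that has an advisory and is still below the fix."""
    bom = json.loads(sbom_json)
    findings = []
    for comp in bom.get("components", []):
        name = comp.get("name", "").lower()
        version = comp.get("version", "")
        if name in advisories and version:
            adv_id, fixed_in = advisories[name]
            if is_vulnerable(version, fixed_in):
                findings.append((name, version, adv_id, fixed_in))
    return findings


if __name__ == "__main__":
    for name, ver, adv, fix in check_sbom(SAMPLE_SBOM, SAMPLE_ADVISORIES):
        print(f"{name} {ver}: affected by {adv}, upgrade to >= {fix}")
```

Run against a real SBOM, the advisory dictionary would be populated from a vulnerability feed keyed by package name (or better, by purl), and the check would run on every CI build so that an AI web UI or vector database that drops behind its fix version is caught before it is deployed.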
CyberSE Analysis
This signal maps to the AI supply chain risk class. Organizations using AI agents, LLM APIs, SaaS integrations, or sensitive data workflows should review whether this class of issue could create unauthorized tool execution, data leakage, weak approval gates, or unmanaged supply-chain exposure.
Recommended Actions
- Restrict AI agent tool permissions and production write paths.
- Review sensitive data access across prompts, logs, embeddings, memory, and SaaS integrations.
- Add human approval workflows for high-impact or state-changing actions.
- Run prompt injection and indirect prompt injection tests against affected workflows.
- Document the owner, control gap, and remediation deadline for this risk class.
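The first and third actions above (restrict agent tool permissions and production write paths; require human approval for state-changing actions) can be enforced in one gate that sits between the model's tool call and its execution. The Python below is an added example, not code from CyberSE.AI or from the recap. The tool registry, the protected path prefixes, the agent policy and the approver callback are constructed assumptions standing in for a real deployment's values and its ticketing or approval system.

```python
"""Permission gate for AI agent tool calls.

Added example, not code from CyberSE.AI or The Hacker News. It enforces a
per-agent tool allowlist, blocks writes under assumed production roots, and
requires an approval decision before any state-changing tool runs. Every
decision is appended to an audit log so the owner can review what the agent
asked for, not only what it was allowed to do.
"""
import posixpath
from dataclasses import dataclass, field
from typing import Callable, Optional

# Constructed tool registry: each tool declares whether it only reads state
# or can change it. Unknown tools are denied by default.
TOOL_EFFECTS = {
    "read_file": "read",
    "search_docs": "read",
    "write_file": "write",
    "run_shell": "write",
    "deploy": "write",
}

# Assumed production roots that the agent must never write under.
PROTECTED_WRITE_PREFIXES = ("/srv/prod", "/etc", "/var/lib/app")


@dataclass
class AgentPolicy:
    allowed_tools: frozenset
    # Called for state-changing tools; returns True only when a human (or a
    # ticket-backed workflow) has approved this specific call.
    approver: Optional[Callable[[str, dict], bool]] = None
    audit_log: list = field(default_factory=list)


@dataclass
class Decision:
    allowed: bool
    reason: str
    needs_approval: bool = False


def touches_protected_path(args):
    """True when args['path'] normalises to a location under a protected
    root. normpath collapses '..' so '/srv/prod/../prod/x' is still caught."""
    path = args.get("path")
    if not path:
        return False
    norm = posixpath.normpath(path)
    return any(norm == p or norm.startswith(p + "/")
               for p in PROTECTED_WRITE_PREFIXES)


def gate_tool_call(policy, tool, args):
    """Decide whether the agent may invoke `tool` with `args`. Deny by
    default, block protected writes outright, and route every remaining
    state-changing call through the approver."""
    effect = TOOL_EFFECTS.get(tool)
    if effect is None or tool not in policy.allowed_tools:
        decision = Decision(False, f"tool {tool!r} not on allowlist")
    elif effect == "write" and touches_protected_path(args):
        decision = Decision(False, f"write to protected path {args.get('path')!r} blocked")
    elif effect == "write":
        approved = bool(policy.approver and policy.approver(tool, args))
        decision = Decision(approved,
                            "approval granted" if approved else "approval denied or unavailable",
                            needs_approval=True)
    else:
        decision = Decision(True, "read-only tool")
    policy.audit_log.append((tool, dict(args), decision.allowed, decision.reason))
    return decision


def stub_approver(tool, args):
    """Constructed stand-in for a human approval step: approves only calls
    that carry a change-ticket reference. A real system would block on a
    reviewer rather than inspect the arguments."""
    return bool(args.get("ticket"))


def demo_policy():
    """Policy for one constructed agent: can read, can write outside
    production, can never run shell commands or deploy."""
    return AgentPolicy(allowed_tools=frozenset({"read_file", "search_docs", "write_file"}),
                       approver=stub_approver)


if __name__ == "__main__":
    policy = demo_policy()
    calls = [
        ("read_file", {"path": "/home/agent/notes.md"}),
        ("run_shell", {"cmd": "ls"}),
        ("write_file", {"path": "/srv/prod/../prod/app.conf", "data": "x"}),
        ("write_file", {"path": "/home/agent/out.txt", "data": "x"}),
        ("write_file", {"path": "/home/agent/out.txt", "data": "x", "ticket": "CHG-1"}),
    ]
    for tool, args in calls:
        d = gate_tool_call(policy, tool, args)
        print(f"{tool:10} allowed={d.allowed!s:5} approval={d.needs_approval!s:5} {d.reason}")
```

The useful property is that the deny path is the default: a tool the registry does not know, or one the agent's policy does not list, never reaches the approver at all, and a write under a production root is refused before anyone is asked. The audit log then gives the owner named in the last action a record of both refused and approved calls for the remediation review.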
Source
https://thehackernews.com/2026/05/weekly-recap-linux-flaws-defender-0.html