Cisco Unified CM RCE, Claude GitHub Action Hijack, AI Agent Exploits

This briefing reports multiple high-risk incidents: a patched but publicly proof-of-concepted unauthenticated RCE in Cisco Unified Communications Manager (CVE-2026-20230), a critical GitHub Actions flaw in Anthropic's Claude Code enabling repository takeover, a Hola Browser supply-chain compromise that delivered a cryptominer to Windows users, large-scale data breaches at DentaQuest and the UN World Food Programme, and an expansion of TA4922 phishing campaigns; it recommends urgent patching, GitHub workflow audits, endpoint scans, and breach response actions.