Splunk RCE, Arch Linux supply-chain hijack, Velvet Ant decade-long backdoor

ID: f0ae4c6e-7335-5bc6-b625-a7478a85c313

STIX ID: report--f0ae4c6e-7335-5bc6-b625-a7478a85c313

Feed Name: defend.network – Daily Threat Briefings

Threat Score: 92/100

Date Published: 2026-06-14

Date Updated: 2026-06-14

TL;DR: Critical Splunk unauthenticated RCE (CVE-2026-20253, CVSS 9.8) requires immediate patching; over 400 Arch Linux AUR packages were hijacked to distribute a Rust credential stealer and optional eBPF rootkit, compromising developer build environments; and China-linked Velvet Ant maintained decade-long backdoors in PAM/OpenSSH, enabling persistent administrative access. Urgent actions recommended: patch Splunk, audit and revoke compromised developer credentials and SSH keys, inspect and restore PAM/OpenSSH integrity, and strengthen account recovery and MFA protections against AI-enabled phishing and social engineering.