⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

This Monday briefing summarizes a large supply‑chain compromise (a poisoned Nx Console VS Code extension used to breach GitHub and exfiltrate ~3,800 repositories), active exploitation of multiple high‑severity vulnerabilities (including CVSS 10.0 Cisco flaw, Drupal SQLi, Linux kernel local privilege bug, and Defender zero‑days), and ongoing malware/campaign activity (botnets, ValleyRAT, NFC relay banking malware, RondoDox exploitation). It highlights the evolving threat landscape where vulnerability exploitation, supply‑chain attacks, and modular criminal services (code signing, PhaaS) are driving broad, high‑impact incidents and downstream victims.