RSJ SENTINEL
Homelab Intelligence Dashboard
Current Threat Level
ELEVATED
Updated: 2026-06-23 08:16 UTC
Monday, June 22 2026 ELEVATED
Posture is ELEVATED. The most pressing risks are a Linux-kernel local privilege-escalation flaw ("Copy Fail", CVE-2026-31431) that affects both Raspberry Pi / AdGuard nodes, and the ongoing APT28 "FrostArmada" campaign t…
🎯 PRIORITY ACTION

Patch both Raspberry Pi / AdGuard nodes (sudo apt update && sudo apt full-upgrade) to close the Copy Fail kernel LPE (CVE-2026-31431), then verify the router's DNS/DHCP settings have not been altered (APT28 FrostArmada).

Windows Shell remote code execution — actively exploited
Affects: Windows 11 (NUC)
⚡ Action: Patch — confirm KB5094126 installed
CVSS 9.x wormable, remote, no-auth — unauthenticated network RCE
Affects: Windows 11 (NUC)
⚡ Action: Patch — fixed in June Patch Tuesday KB5094126
Windows Defender race condition — public zero-day, SYSTEM shell on fully-patched Win 11
Affects: Windows Defender (NUC)
⚡ Action: Investigate/Monitor — confirm Defender platform/engine is current; watch for out-of-band fix
"Copy Fail" Linux kernel local privilege escalation
Affects: Raspberry Pi OS (both AdGuard nodes .192/.218)
⚡ Action: Patch — sudo apt update && sudo apt full-upgrade on both Pis
Windows 11 KB5094126 (26100.8655/26200.8655) June Patch Tuesday — 200+ fixes, 6 zero-days
Tailscale 1.98.0+ Fixes /api/routes ACL bypass (port 5252) and MagicDNS regression
AdGuard Home v0.107.78 (June 2026) Go 1.26.4; H2C upgrade-via-HTTP/1.1 disabled (defense-in-depth)
Raspberry Pi OS rolling kernel patch Closes Copy Fail (CVE-2026-31431) — apply via apt full-upgrade
APT28 "FrostArmada" DNS hijacking Source: Microsoft / UK NCSC Compromises SOHO routers, overwrites DHCP/DNS to redirect traffic for AitM credential theft; ~18k IPs across 120 countries at peak
CVE-2026-11645 Chromium V8 OOB read/write Source: CISA KEV (added Jun 9) Actively exploited — affects Chrome/Chromium browsers on the NUC
CISA KEV weekly additions Source: CISA Cisco Catalyst SD-WAN, LiteSpeed cPanel symlink, Joomla JCE — none in monitored stack, informational only
Claude Opus 4.8 Model Most capable GA model; 1M-token context default on Claude API/Bedrock/Vertex
Claude Code Tooling Adds post-session hook, safe mode for troubleshooting, /cd to move sessions; tighter MCP policy enforcement
Enterprise-managed MCP connectors Platform Admin-provisioned connectors (starting with Okta) for zero-touch access across chat, Code, and Cowork
Claude Fable 5 Model Mythos-class model now safe for general use (requires client v2.1.170)
HIGH Router DNS/DHCP integrity (APT28 FrostArmada)
Verify router has not had DNS/DHCP redirected to attacker infrastructure; confirm Pi AdGuard nodes are the only resolvers
⚡ Action: Audit router config + firmware
HIGH Raspberry Pi kernel LPE
Both AdGuard nodes (.192, .218) exposed to Copy Fail
⚡ Action: ssh pi@ each node, run apt full-upgrade, reboot
MEDIUM Windows Defender RoguePlanet zero-day
Local SYSTEM escalation on patched Win 11
⚡ Action: Confirm Defender engine current; limit local untrusted execution until OOB fix lands
MEDIUM Tailscale client version
ACL capability bypass via web interface (port 5252)
⚡ Action: Update all nodes to >=1.98.0 (keep --accept-dns=false, key expiry disabled per policy)
Sunday, June 21 2026 ELEVATED
Posture is ELEVATED, driven by an active APT28 / Forest Blizzard DNS-hijacking campaign targeting SOHO/homelab routers (which abuses dnsmasq to silently redirect DNS) and by multiple actively-exploited Windows 11 zero-da…
🎯 PRIORITY ACTION

Install the June Windows 11 cumulative (KB5093998/KB5094126) on the NUC and verify the edge router's DNS settings are unmodified — both directly counter actively-exploited threats hitting this stack profile.

Windows Defender Elevation of Privilege (zero-day, exploited in wild)
Affects: Windows 11 / Defender
⚡ Action: Patch — fixed in June update (out-of-band patch issued May 19)
BitLocker Security Feature Bypass ("Yellow Key")
Affects: Windows 11 (VeraCrypt/full-disk-encryption-adjacent risk)
⚡ Action: Patch — included in KB5093998
"Copy Fail" Linux kernel local privilege escalation (root in seconds)
Affects: Raspberry Pi OS (both AdGuard Pi nodes)
⚡ Action: Patch — sudo apt update && sudo apt full-upgrade; watch for kernel patch
Unbound DNSSEC heap overflow (DoS / possible RCE)
Affects: Unbound 1.19.1-1.25.0 (only if Unbound is in use upstream of AdGuard)
⚡ Action: Investigate/Monitor — upgrade to Unbound 1.25.1 if present
AdGuard Home v0.107.77 (Jun 1 2026) Fixes GLiNET-mode path traversal CVE-2026-41448; both Pi nodes already on this build
Tailscale v1.98.0+ Fixes ACL capability bypass on local web UI /api/routes (TS-2026-002); MagicDNS regression fix; Go 1.26.3
Windows 11 23H2 KB5093998 (build 22631.7219, Jun 9 2026) 200+ CVEs incl. 3 zero-days + BitLocker bypass; no known issues at launch
dnsmasq 2.92rel2 Fixes 6 flaws incl. cache poisoning (CVE-2026-2291) and DHCPv6 root RCE (CVE-2026-4892); patch any dnsmasq instances upstream
APT28 / Forest Blizzard SOHO DNS-hijacking campaign Source: Microsoft / NCSC Compromises home/SOHO routers, abuses dnsmasq to push malicious DNS resolvers via DHCP; 200+ orgs & 5,000 devices hit
CISA KEV additions (Jun 8-9) Source: CISA Added CVE-2026-42271 (LiteLLM cmd injection), CVE-2026-50751 (Check Point auth bypass), CVE-2026-11645 (Chromium V8 OOB R/W)
Chromium V8 OOB read/write CVE-2026-11645 Source: CISA KEV Actively exploited browser flaw — ensure Chrome/Chromium is fully updated
DOJ disruption of Russian GRU DNS-hijacking network Source: US DOJ Court-authorized takedown of APT28-controlled DNS-hijacking infrastructure — corroborates active campaign
Claude Opus 4.8 Model Most capable GA model; 1M-token context default on API/Bedrock/Vertex, 128k max output
Claude Code: post-session hook + safe mode Claude Code Adds post-session hook, safe-mode troubleshooting, /cd to move session working dir, tighter MCP policy enforcement
Enterprise-managed MCP connectors (Okta) MCP Admins provision connectors once; zero-touch access across Claude chat, Claude Code, and Cowork (Team/Enterprise)
Managed Agents in controlled sandbox Platform Claude Managed Agents run in a sandbox you control and connect to private MCP servers
HIGH Verify router DNS integrity
Confirm edge router DNS resolvers are unchanged and firmware is current (APT28 campaign target)
⚡ Action: Inspect router DNS/DHCP config
HIGH Patch both AdGuard Pi nodes' OS
Copy Fail (CVE-2026-31431) gives local root on Raspberry Pi OS
⚡ Action: apt full-upgrade on 192.168.1.192 & .218
HIGH Apply June Windows 11 cumulative
KB5093998 closes 3 zero-days incl. Defender EoP + BitLocker bypass
⚡ Action: Install & reboot NUC
MEDIUM Confirm Tailscale >= 1.98.0
Closes local web-UI ACL bypass; key expiry remains disabled, --accept-dns=false retained
⚡ Action: Update clients, verify flags
Saturday, June 20 2026 MODERATE
June Patch Tuesday delivered a critical Windows Kernel use-after-free RCE (CVE-2026-45657, CVSS 9.8) affecting the NUC — a patch is available and there is no known active exploitation yet. Both Raspberry Pi nodes are exp…
🎯 PRIORITY ACTION

Apply the June 2026 Windows cumulative update to NUC-Lab (closes CVE-2026-45657, CVSS 9.8) and update both Raspberry Pi kernels (sudo apt full-upgrade && reboot) to remediate the Copy Fail privilege-escalation flaw.

Windows Kernel use-after-free RCE
Affects: Windows 11 (NUC-Lab)
⚡ Action: Patch (June 2026 cumulative; not yet exploited but critical)
"Copy Fail" Linux kernel local privilege escalation
Affects: Raspberry Pi OS (both Pi nodes)
⚡ Action: Patch kernel — local-only, needs existing account; still update
AppArmor LSM local privesc / info disclosure
Affects: Raspberry Pi OS kernel
⚡ Action: Patch (covered by same kernel update)
Chromium V8 out-of-bounds read/write (CISA KEV, actively exploited)
Affects: Chrome on Windows 11
⚡ Action: Update Chrome to latest
Windows 11 June 2026 cumulative (KB5093998, 23H2) Fixes 200+ flaws incl. 6 zero-days (1 exploited)
AdGuard Home v0.107.78 (~Jun 15 2026) Latest release; your nodes are at v0.107.77 — optional upgrade
Tailscale latest client (Go 1.26.3) MagicDNS regression fix after network change (Windows clients unaffected)
Raspberry Pi OS kernel update Closes Copy Fail + AppArmor privesc flaws
Forest Blizzard / APT28 SOHO router DNS hijacking Source: Microsoft Compromises dnsmasq on SOHO routers for adversary-in-the-middle; 200+ orgs, ~5,000 devices, active since Aug 2025
CVE-2026-11645 added to CISA KEV Source: CISA Actively exploited Chromium V8 OOB read/write
June Patch Tuesday zero-days Source: Microsoft / BleepingComputer 6 zero-days, 1 actively exploited in the wild
Claude Opus 4.8 Model Most capable GA model; 1M-token context default on Claude API, Bedrock, Vertex
Enterprise-Managed Authorization for MCP Connectors Centralized IdP provisioning of MCP connectors (beta for Team/Enterprise)
Claude Code (Jun 12 2026) Tooling wheelScrollAcceleration setting, /model picker fix, conversation-language session titles
HIGH Patch NUC-Lab now
Apply June cumulative to close CVE-2026-45657 (9.8)
⚡ Action: run Windows Update + reboot
HIGH Patch both Pi nodes
Kernel update closes Copy Fail + AppArmor privesc
⚡ Action: sudo apt update && sudo apt full-upgrade && reboot
MEDIUM Audit router/AdGuard DNS
Forest Blizzard targets SOHO router DNS
⚡ Action: verify no rogue DNS, confirm AdGuard upstreams intact on both nodes
LOW AdGuard Home upgrade
v0.107.78 available (you are on v0.107.77)
⚡ Action: optional upgrade when convenient
Friday, June 19 2026 ELEVATED
Posture is ELEVATED, driven by two stack-relevant items under active exploitation: a zero-click Windows Shell spoofing flaw (CVE-2026-32202) and the APT28 SOHO-router DNS-hijacking campaign that targets exactly the kind …
🎯 PRIORITY ACTION

Confirm KB5094126 is installed on the NUC and audit the home router's DHCP/DNS settings (plus AdGuard upstreams) for unauthorized DNS entries — the actively-exploited Windows Shell flaw and the APT28 DNS-hijacking campaign both map directly onto this stack.

Windows Shell spoofing (zero-click, NTLM relay)
Affects: Windows 11 (NUC)
⚡ Action: Patch — fixed in June Patch Tuesday; stems from incomplete fix for CVE-2026-21510, exploited by APT28 via LNK files
"Copy Fail" Linux kernel local privilege escalation
Affects: Raspberry Pi OS (both Pi nodes)
⚡ Action: Patch — unprivileged local user gains root via ~732-byte script; prioritize after internet-facing items
RCE via CSRF (GHSA-vqp6-rc3h-83cp)
Affects: Tailscale client on NUC
⚡ Action: Update — ensure Tailscale Windows client is on the current release
Chromium V8 OOB read/write (CISA KEV, exploited)
Affects: Chromium-based browsers on Windows
⚡ Action: Patch — restart browser to apply auto-update
Windows 11 KB5094126 (builds 26100.8655/26200.8655) June 9 Patch Tuesday — mandatory security fixes incl. Shell flaw above
AdGuard Home v0.107.77 (confirmed running on both Pi nodes) Current/patched — no action needed
Raspberry Pi OS Debian 13 "Trixie", kernel 6.12 LTS Apply latest apt updates to pick up Copy Fail kernel fix
Tailscale June client update Go bumped to 1.26.3; MagicDNS regression fixed so tailnet hostnames resolve after network changes
APT28 SOHO-router DNS hijacking Source: DOJ/FBI/UK NCSC/Microsoft Compromised TP-Link & MikroTik routers had DHCP DNS settings rewritten to attacker IPs; peaked at 18k+ IPs across 120 countries before disruption
Microsoft AiTM advisory Source: Microsoft Security Details SOHO router compromise to DNS hijacking to adversary-in-the-middle; relevant to any home edge router
CISA KEV additions (week of June 15) Source: CISA CVE-2026-20262 (Cisco SD-WAN), CVE-2026-54420 (LiteSpeed cPanel) — not in this stack, awareness only
dnsmasq / Unbound DNS flaws Source: Help Net / NLnet Labs Six dnsmasq CVEs + Unbound CVE-2026-33278; AdGuard Home uses its own resolver, not directly applicable unless upstream uses these
Claude Code v2.1.183 (June 19) Release Auto mode now blocks destructive git/IaC commands (reset --hard, clean -fd, terraform/pulumi/cdk destroy) unless explicitly requested
Claude Fable 5 launch + export hold Model Most capable widely-released model (1M context, always-on thinking); US export-control directive on June 12 suspended access to Fable 5 / Mythos 5
Enterprise-managed MCP connectors (beta) Platform Admin-provisioned connectors with zero-touch first-login auth, starting with Okta, across chat/Code/Cowork
MCP spec release candidate Protocol 2026-07-28 RC adds stateless core, Extensions, Tasks, MCP Apps, and authorization hardening
HIGH Audit router & AdGuard DNS settings
Verify DHCP-pushed DNS points only to your AdGuard nodes (192.168.1.192 / .218); check for unknown upstream/forwarder IPs given the active APT28 campaign
⚡ Action: Inspect router DHCP + AdGuard upstream config
HIGH Patch Pi kernels (Copy Fail)
Run apt full-upgrade on both Pi nodes and reboot to load the fixed 6.12 kernel
⚡ Action: sudo apt update && sudo apt full-upgrade -y && sudo reboot
HIGH Confirm KB5094126 on NUC
June Patch Tuesday closes the actively-exploited Shell flaw
⚡ Action: Verify build 26100.8655/26200.8655 installed
MEDIUM Verify Tailscale posture
Confirm Windows client updated and that all nodes retain --accept-dns=false with key expiry disabled per policy
⚡ Action: tailscale version; review ACL/keys
Thursday, June 18 2026 ELEVATED
Posture is ELEVATED, driven by June Patch Tuesday: two unauthenticated CVSS 9.8 Windows RCEs (Kernel + HTTP.sys) and at least one actively-exploited Windows Shell zero-day affect the Windows 11 NUC. Patches are already s…
🎯 PRIORITY ACTION

Confirm the NUC has the June cumulative update (KB5094126/KB5093998) installed and rebooted — this closes the actively-exploited Windows Shell zero-day and both CVSS 9.8 unauthenticated RCEs (Kernel + HTTP.sys).

Windows Kernel Remote Code Execution
Affects: Windows 11 (NUC)
⚡ Action: Patch — June cumulative update
HTTP.sys Remote Code Execution (unauthenticated, no user interaction)
Affects: Windows 11 (NUC)
⚡ Action: Patch — June cumulative update
Windows Shell flaw — actively exploited in the wild
Affects: Windows 11 (NUC)
⚡ Action: Patch immediately
"Copy Fail" Linux kernel local privilege escalation (root in seconds)
Affects: Raspberry Pi OS (both Pi nodes)
⚡ Action: Patch — sudo apt update && sudo apt full-upgrade. Requires local account; lower urgency on single-user Pis.
Windows 11 23H2 KB5093998 (build 22631.7219) June Patch Tuesday — 200+ fixes incl. 3 zero-days and BitLocker bypass CVE-2026-45585
AdGuard Home v0.107.78 (~June 15 2026) Minor fixes + security/Go updates; both Pi nodes currently on 0.107.77 — minor bump available
Tailscale 1.98.0+ (Go 1.26.3) Fixes web-interface /api/routes exit-node/route ACL bypass and a MagicDNS resolution regression
Raspberry Pi OS June 2026 Kernel patches for Copy Fail (CVE-2026-31431) rolling out via apt
APT28 / Forest Blizzard "FrostArmada" router DNS hijacking Source: Microsoft / NCSC SOHO routers compromised and repointed to actor-controlled DNS resolvers; ~18k IPs at peak
CISA KEV (June 15) Source: CISA Added CVE-2026-20262 (Cisco SD-WAN Manager) and CVE-2026-54420 (LiteSpeed cPanel) — not in stack, situational awareness only
CISA KEV (June 9) Source: CISA CVE-2026-11645 Chromium V8 OOB read/write actively exploited — update Chrome/Edge on the NUC
Storm-1175 / Medusa ransomware Source: Microsoft Fast-moving campaign encrypting some victims within 24h of initial access
Claude Fable 5 launched (Mythos-class) Model SOTA across SWE/knowledge/vision; NOTE: US export-control directive suspended access to Fable 5 & Mythos 5 on June 12
Claude Code Tooling Added fallbackModel (up to 3), --safe-mode troubleshooting flag, and /cd to move working dir without breaking prompt cache
Claude Code MCP MCP Glob support in deny rules, enterprise managed MCP policy enforcement fixes, OAuth browser page revamp
Claude Managed Agents Platform Now run in a sandbox you control and connect to private MCP servers; lead agent delegates to parallel subagents on a shared filesystem
HIGH Confirm June Patch Tuesday on NUC
Closes actively-exploited Windows zero-days + two 9.8 unauthenticated RCEs
⚡ Action: verify KB5094126/KB5093998 installed, reboot
MEDIUM Update both Pi AdGuard nodes
Copy Fail kernel privesc + AdGuard 0.107.78 available
⚡ Action: SSH pi -> apt full-upgrade, bump AdGuard Home
MEDIUM Verify Tailscale clients >= 1.98.0
web-interface ACL bypass fix
⚡ Action: tailscale update; keep --accept-dns=false
MEDIUM SOHO router DNS hygiene
APT28 DNS-hijacking campaign active
⚡ Action: confirm router firmware current and DNS points only to your AdGuard nodes, not a rogue resolver

Aggregated action items from the last 5 briefs — deduplicated, sorted by priority.

HIGH PRIORITY — 30 items

HIGH Router DNS/DHCP integrity (APT28 FrostArmada) Homelab Advisory 2026-06-22
Verify router has not had DNS/DHCP redirected to attacker infrastructure; confirm Pi AdGuard nodes are the only resolvers
Audit router config + firmware
HIGH Raspberry Pi kernel LPE Homelab Advisory 2026-06-22
Both AdGuard nodes (.192, .218) exposed to Copy Fail
ssh pi@ each node, run apt full-upgrade, reboot
HIGH CVE-2026-32202 Vulnerability 2026-06-22
Windows Shell remote code execution — actively exploited
Patch — confirm KB5094126 installed
HIGH Windows Kernel TCP/IP RCE Vulnerability 2026-06-22
CVSS 9.x wormable, remote, no-auth — unauthenticated network RCE
Patch — fixed in June Patch Tuesday KB5094126
HIGH CVE-2026-31431 Vulnerability 2026-06-22
"Copy Fail" Linux kernel local privilege escalation
Patch — sudo apt update && sudo apt full-upgrade on both Pis
HIGH Verify router DNS integrity Homelab Advisory 2026-06-21
Confirm edge router DNS resolvers are unchanged and firmware is current (APT28 campaign target)
Inspect router DNS/DHCP config
HIGH Patch both AdGuard Pi nodes' OS Homelab Advisory 2026-06-21
Copy Fail (CVE-2026-31431) gives local root on Raspberry Pi OS
apt full-upgrade on 192.168.1.192 & .218
HIGH Apply June Windows 11 cumulative Homelab Advisory 2026-06-21
KB5093998 closes 3 zero-days incl. Defender EoP + BitLocker bypass
Install & reboot NUC
HIGH CVE-2026-41091 Vulnerability 2026-06-21
Windows Defender Elevation of Privilege (zero-day, exploited in wild)
Patch — fixed in June update (out-of-band patch issued May 19)
HIGH CVE-2026-45585 Vulnerability 2026-06-21
BitLocker Security Feature Bypass ("Yellow Key")
Patch — included in KB5093998
HIGH CVE-2026-31431 Vulnerability 2026-06-21
"Copy Fail" Linux kernel local privilege escalation (root in seconds)
Patch — sudo apt update && sudo apt full-upgrade; watch for kernel patch
HIGH CVE-2026-33278 Vulnerability 2026-06-21
Unbound DNSSEC heap overflow (DoS / possible RCE)
Investigate/Monitor — upgrade to Unbound 1.25.1 if present
HIGH Patch NUC-Lab now Homelab Advisory 2026-06-20
Apply June cumulative to close CVE-2026-45657 (9.8)
run Windows Update + reboot
HIGH Patch both Pi nodes Homelab Advisory 2026-06-20
Kernel update closes Copy Fail + AppArmor privesc
sudo apt update && sudo apt full-upgrade && reboot
HIGH CVE-2026-45657 Vulnerability 2026-06-20
Windows Kernel use-after-free RCE
Patch (June 2026 cumulative; not yet exploited but critical)
HIGH CVE-2026-31431 Vulnerability 2026-06-20
"Copy Fail" Linux kernel local privilege escalation
Patch kernel — local-only, needs existing account; still update
HIGH CVE-2026-23268 / CVE-2026-23269 Vulnerability 2026-06-20
AppArmor LSM local privesc / info disclosure
Patch (covered by same kernel update)
HIGH CVE-2026-11645 Vulnerability 2026-06-20
Chromium V8 out-of-bounds read/write (CISA KEV, actively exploited)
Update Chrome to latest
HIGH Audit router & AdGuard DNS settings Homelab Advisory 2026-06-19
Verify DHCP-pushed DNS points only to your AdGuard nodes (192.168.1.192 / .218); check for unknown upstream/forwarder IPs given the active APT28 campaign
Inspect router DHCP + AdGuard upstream config
HIGH Patch Pi kernels (Copy Fail) Homelab Advisory 2026-06-19
Run apt full-upgrade on both Pi nodes and reboot to load the fixed 6.12 kernel
sudo apt update && sudo apt full-upgrade -y && sudo reboot
HIGH Confirm KB5094126 on NUC Homelab Advisory 2026-06-19
June Patch Tuesday closes the actively-exploited Shell flaw
Verify build 26100.8655/26200.8655 installed
HIGH CVE-2026-32202 Vulnerability 2026-06-19
Windows Shell spoofing (zero-click, NTLM relay)
Patch — fixed in June Patch Tuesday; stems from incomplete fix for CVE-2026-21510, exploited by APT28 via LNK files
HIGH CVE-2026-31431 Vulnerability 2026-06-19
"Copy Fail" Linux kernel local privilege escalation
Patch — unprivileged local user gains root via ~732-byte script; prioritize after internet-facing items
HIGH Tailscale Windows daemon RCE Vulnerability 2026-06-19
RCE via CSRF (GHSA-vqp6-rc3h-83cp)
Update — ensure Tailscale Windows client is on the current release
HIGH CVE-2026-11645 Vulnerability 2026-06-19
Chromium V8 OOB read/write (CISA KEV, exploited)
Patch — restart browser to apply auto-update
HIGH Confirm June Patch Tuesday on NUC Homelab Advisory 2026-06-18
Closes actively-exploited Windows zero-days + two 9.8 unauthenticated RCEs
verify KB5094126/KB5093998 installed, reboot
HIGH CVE-2026-45657 Vulnerability 2026-06-18
Windows Kernel Remote Code Execution
Patch — June cumulative update
HIGH CVE-2026-47291 Vulnerability 2026-06-18
HTTP.sys Remote Code Execution (unauthenticated, no user interaction)
Patch — June cumulative update
HIGH CVE-2026-32202 Vulnerability 2026-06-18
Windows Shell flaw — actively exploited in the wild
Patch immediately
HIGH CVE-2026-31431 Vulnerability 2026-06-18
"Copy Fail" Linux kernel local privilege escalation (root in seconds)
Patch — sudo apt update && sudo apt full-upgrade. Requires local account; lower urgency on single-user Pis.

MEDIUM PRIORITY — 9 items

MEDIUM Windows Defender RoguePlanet zero-day Homelab Advisory 2026-06-22
Local SYSTEM escalation on patched Win 11
Confirm Defender engine current; limit local untrusted execution until OOB fix lands
MEDIUM Tailscale client version Homelab Advisory 2026-06-22
ACL capability bypass via web interface (port 5252)
Update all nodes to >=1.98.0 (keep --accept-dns=false, key expiry disabled per policy)
MEDIUM RoguePlanet (Windows Defender) Vulnerability 2026-06-22
Windows Defender race condition — public zero-day, SYSTEM shell on fully-patched Win 11
Investigate/Monitor — confirm Defender platform/engine is current; watch for out-of-band fix
MEDIUM Confirm Tailscale >= 1.98.0 Homelab Advisory 2026-06-21
Closes local web-UI ACL bypass; key expiry remains disabled, --accept-dns=false retained
Update clients, verify flags
MEDIUM Audit router/AdGuard DNS Homelab Advisory 2026-06-20
Forest Blizzard targets SOHO router DNS
verify no rogue DNS, confirm AdGuard upstreams intact on both nodes
MEDIUM Verify Tailscale posture Homelab Advisory 2026-06-19
Confirm Windows client updated and that all nodes retain --accept-dns=false with key expiry disabled per policy
tailscale version; review ACL/keys
MEDIUM Update both Pi AdGuard nodes Homelab Advisory 2026-06-18
Copy Fail kernel privesc + AdGuard 0.107.78 available
SSH pi -> apt full-upgrade, bump AdGuard Home
MEDIUM Verify Tailscale clients >= 1.98.0 Homelab Advisory 2026-06-18
web-interface ACL bypass fix
tailscale update; keep --accept-dns=false
MEDIUM SOHO router DNS hygiene Homelab Advisory 2026-06-18
APT28 DNS-hijacking campaign active
confirm router firmware current and DNS points only to your AdGuard nodes, not a rogue resolver

LOW PRIORITY — 1 item

LOW AdGuard Home upgrade Homelab Advisory 2026-06-20
v0.107.78 available (you are on v0.107.77)
optional upgrade when convenient