The Lyceum: Cyber Intelligence Daily — Jun 05, 2026
Friday, June 5, 2026
The Big Picture
Today's theme is uncomfortable and consistent: the software and institutions you trust to protect you are the ones leaving the door open. Cisco's SD-WAN management brain has a root-level zero-day under active attack with no patch. The text editor and the code editor on your developer's laptop both became attack vectors this week. And the people who steal from law firms now ring the front desk and ask for the help desk by name. None of this is exotic — it's the same attack surface we've always had, just with the trust assumptions stripped out.
What Just Dropped
- CVE-2026-20245 — Cisco Catalyst SD-WAN Manager (all deployments): actively exploited, no patch available, CVSS 7.8 — command injection via crafted file upload escalates to root on the SD-WAN management plane.
- CVE-2026-0257 — Palo Alto PAN-OS GlobalProtect: actively exploited (KEV-listed May 29), authentication bypass allowing unauthorized VPN access.
- CVE-2025-48595 — Android Framework (14+): patched in the June 2026 patch set, actively exploited as a zero-day, KEV deadline June 5 — integer overflow enabling local privilege escalation to code execution.
- CVE-2022-0492 — Linux Kernel: newly confirmed actively exploited, KEV deadline June 5 — four-year-old container escape with historical ties to UNC3886, Volt Typhoon, Sandworm, and OilRig.
- CVE-2024-21182 — Oracle WebLogic Server: KEV-listed, deadline was June 4, operationally exploited.
- CVE-2026-45247 — Mirasvit Full Page Cache Warmer (Magento): KEV deadline June 6, deserialization of untrusted data enabling unauthenticated exploitation.
- YAMCS 5.12.7 exploits: three new Exploit-DB PoCs (LDAP injection, user enumeration, no rate limiting) against satellite ground-segment mission-control middleware — researcher-disclosed, no vendor advisory yet.
Today's Stories
Cisco's SD-WAN Brain Has a Root-Level Zero-Day — And No Patch Exists
Someone may already be inside your SD-WAN infrastructure with root-level control — and Cisco has nothing to give you to stop them.
On Thursday, Cisco warned of an unpatched zero-day in Catalyst SD-WAN Manager, tracked as CVE-2026-20245 (CVSS 7.8), actively exploited to escalate privileges to root. It affects every deployment type — on-premises, SD-WAN Cloud-Pro, Cisco-Managed Cloud, and the FedRAMP-authorized government variant. The flaw stems from improper input validation in the command-line interface: an authenticated attacker uploads a crafted file, triggers command injection, and takes the management plane. France's CERT-FR published a corroborating advisory on June 5.
The catch — and it's a thin one — is that the attack needs netadmin credentials first. CVE-2026-20245 chains with two maximum-severity authentication bypasses, CVE-2026-20127 and CVE-2026-20182 (both CVSS 10.0), the latter of which injects an attacker-controlled SSH key into the vmanage-admin account for persistent control-plane access. Cisco Talos attributes exploitation of those two to UAT-8616, a sophisticated actor it has tracked exploiting CVE-2026-20127 since at least 2023.
Root on the SD-WAN manager means an attacker can push configuration changes to every edge device in the fleet — and Cisco has confirmed it has already seen that happen in limited cases. What to watch: there is no patch and no workaround. If Cisco doesn't ship a fix within days, expect a KEV addition and likely an emergency directive — this is precisely the exploited-plus-unpatched scenario KEV exists for. In the meantime, check /var/log/scripts.log for suspicious file-upload entries, and assume a software update alone won't clean an already-compromised box.
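A defender-side illustration of the log check suggested above, added here as an example rather than anything Cisco ships: it walks a script log line by line, keeps only upload actions, and flags entries whose file argument carries path traversal, shell metacharacters, or an unexpected file type. The `<timestamp> <user> <action> <argument>` line layout, the `ALLOWED_SUFFIXES` allow-list and the sample lines are all constructed assumptions for illustration; adapt the pattern to what your `/var/log/scripts.log` actually contains before relying on it.

```python
"""Scan a script log for suspicious file-upload entries (added example).

ASSUMPTION: each line looks like "<timestamp> <user> <action> <argument>".
Real appliance logs may differ; adjust LINE_RE accordingly.
"""
import re
from dataclasses import dataclass, field

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<user>\S+)\s+(?P<action>\S+)\s+(?P<arg>.*)$"
)

# Characters that have no business in an uploaded file name on an appliance.
SHELL_META_RE = re.compile(r"[;&|`$<>]")
# ".." as a whole path component, at the start or after a slash.
TRAVERSAL_RE = re.compile(r"(^|/)\.\.(/|$)")
# Hypothetical allow-list of upload types an operator would expect to see.
ALLOWED_SUFFIXES = (".tar.gz", ".tgz", ".zip", ".bin")


@dataclass
class Finding:
    ts: str
    user: str
    arg: str
    reasons: list = field(default_factory=list)


def inspect_line(line: str):
    """Return a Finding for a suspicious upload entry, or None otherwise."""
    m = LINE_RE.match(line.strip())
    if not m or "upload" not in m["action"].lower():
        return None
    arg = m["arg"]
    reasons = []
    if TRAVERSAL_RE.search(arg):
        reasons.append("path traversal in file name")
    if SHELL_META_RE.search(arg):
        reasons.append("shell metacharacters in file name")
    if not arg.lower().endswith(ALLOWED_SUFFIXES):
        reasons.append("unexpected file type")
    if not reasons:
        return None
    return Finding(m["ts"], m["user"], arg, reasons)


def scan(lines):
    """Apply inspect_line to every line and keep the hits, in log order."""
    return [f for f in map(inspect_line, lines) if f is not None]


def per_user_counts(findings):
    """Count suspicious uploads per account, for a quick triage view."""
    counts = {}
    for f in findings:
        counts[f.user] = counts.get(f.user, 0) + 1
    return counts


# Constructed sample log: two benign uploads, a traversal attempt, an
# injection-style file name, and one unrelated login event.
SAMPLE_LOG = """\
2026-06-04T09:12:01Z netadmin upload software/image-20.12.4.tar.gz
2026-06-04T09:13:44Z netadmin upload ../../../etc/cron.d/refresh.sh
2026-06-04T09:15:02Z netadmin upload report.txt;ls
2026-06-04T09:20:10Z operator login ok
2026-06-04T09:21:30Z netadmin upload config-backup-2026-06-04.zip
""".splitlines()


if __name__ == "__main__":
    hits = scan(SAMPLE_LOG)
    for h in hits:
        print(f"{h.ts} {h.user} {h.arg!r}: {', '.join(h.reasons)}")
    print("per-user:", per_user_counts(hits))
```

Run it against the real file with `scan(open("/var/log/scripts.log"))` once the regex matches your log layout; a hit on an account that should not be uploading anything is worth treating as a compromised box, not as a patching task, for the reason the story gives.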
One Click, All Your Repos: The VS Code Zero-Day That Sparked a Disclosure War
If you write code and use VS Code with GitHub, this one was aimed at you — and the way it was disclosed says as much about the state of vendor trust as the bug itself.
Security researcher Ammar Askar disclosed a VS Code flaw that lets a malicious extension steal GitHub OAuth tokens passed to github.dev, the browser version of VS Code, by abusing the editor's sandboxed webview message-passing. The attack is elegant: malicious HTML hidden in a Jupyter Notebook runs on open, silently triggers the keyboard shortcut that approves the extension install, and the extension exfiltrates the token. The brutal part — when github.com hands a token to github.dev, that token isn't scoped to the repo you opened. It's valid for every public and private repo you can reach. Open one poisoned repository, lose the whole account.
The disclosure war is the real story. Askar notified GitHub just one hour before going public, citing a prior experience where Microsoft silently fixed a reported VS Code bug without credit or acknowledgment of its security impact. Microsoft shipped a fix on June 3 — a confirmation prompt that breaks the one-click chain — and says no customer action is required.
What to watch: this is the second VS Code/GitHub supply-chain incident in two weeks, following the May 20 breach of 3,800 internal GitHub repos via a poisoned extension. If the disclosure friction keeps escalating, Microsoft's security-response credibility stops being a researcher's grievance and becomes a structural risk for everyone running VS Code in a CI/CD pipeline.
Financially Motivated Hackers Spent Five Months Inside U.S. Law Firms
Your law firm's files — merger terms, litigation strategy, executive correspondence — are exactly what financially motivated hackers want, and Mandiant just confirmed someone has been methodically collecting them.
Google Cloud's Mandiant team reports a data-theft-and-extortion campaign targeting U.S. law firms from January through May 2026 — five months of dwell time, long enough to be selective. Google attributes related activity to UNC3753, also known as Luna Moth, Chatty Spider, and Silent Ransom Group, which hit dozens of professional, legal, and financial-services organizations in the same window.
The TTP here is what makes it forwardable. The crew poses as internal IT, calling or emailing victims to "contact the help desk." When remote social engineering fails, the FBI warns, members physically visit firms posing as tech support and plug USB drives into machines to copy files for leverage. Halcyon counted more than 200 ransomware incidents against law firms across 2025 and early 2026 — INC Ransom and Silent Ransom Group both circling the same sector, drawn by sensitive data and a perceived willingness to pay quietly to protect privilege.
The attack that walks through your lobby with a visitor badge is the one your firewall can't stop. What to watch: if Mandiant names specific firms or a shared technology provider as the initial vector, dozens of simultaneous client-notification obligations fire at once.
Android's June Patch Drops With a Live Zero-Day — And Google Won't Say Who's Being Hit
Google released the June 2026 Android patches today, fixing 124 vulnerabilities — including one zero-day already used in targeted attacks. The actively abused flaw, CVE-2025-48595, is a high-severity Android Framework integer overflow allowing local code execution and privilege escalation on devices running Android 14 or later. Google shipped two patch levels (2026-06-01 and 2026-06-05), the latter bundling closed-source and kernel-subcomponent fixes. Google has shared no technical details and named no targets.
The "limited, targeted exploitation" phrasing is the tell. Flaws described this way are historically the province of commercial spyware vendors and nation-state operators hunting high-value individuals.
Pixel devices get the fix immediately; everyone else waits on vendor testing. Whoever is using CVE-2025-48595 right now has a window measured in weeks against the non-Pixel ecosystem. If the same flaw surfaces in enterprise MDM logs, this stops being a spyware-vendor problem and becomes a fleet problem — and the enterprise Android patch cycle is measured in months.
⚡ What Most People Missed
A new IIS threat cluster nobody's naming: The Hacker News reported on OP-512, a previously undocumented cluster targeting Microsoft IIS web servers with a custom three-part web shell framework and Potato Suite privilege escalation. No attribution, no CVE — meaning detection is currently signature-free. IIS rarely makes headlines because it's unfashionable, but it's deeply embedded in government and financial deployments.
Three unpatched Windows zero-days are sitting in the wild: GitHub banned the researcher known as Nightmare-Eclipse, but YellowKey, GreenPlasma, and MiniPlasma still have no fixes — and attackers began exploiting three earlier drops shortly after the PoCs went public. The researcher's "bone shattering" July 14 RCE deadline is still live. [Source: The Register and Barracuda Networks Blog]
A Microsoft Exchange XSS zero-day is being actively exploited with no patch: CVE-2026-42897 affects Outlook Web Access and was added to CISA's KEV on Friday. Belgium's Centre for Cybersecurity warns it can hand attackers mailbox access, session tokens, and the ability to plant forwarding rules that survive password resets — the quiet path to business email compromise.
Drupal Core just picked up another SQL injection PoC: Exploit-DB added an error-based SQL injection against Drupal Core 10.5.5 — the nightmare scenario for teams still mopping up the earlier CVE-2026-9082 wave. PoC-only for now, but patch fatigue is the real risk.
Notepad++ 8.9.6 became an initial-access vector: A new Exploit-DB entry shows arbitrary code execution against the ubiquitous Windows editor that lives on jump boxes and admin laptops everywhere — and is whitelisted in most application-control policies. "Open this log file to check an error" is now a credible phishing payload.
From the Foreign Press
UAC-0255 is impersonating CERT-UA itself to deliver AGEWHEEZE malware
Ukraine's national CERT documented a campaign in which the cluster it tracks as UAC-0255 sends phishing messages spoofed to appear from CERT-UA itself, directing recipients to password-protected ZIP archives that deploy a tool called AGEWHEEZE. Using a country's own cybersecurity agency as the lure to compromise that country's workers is a particularly audacious twist on the trust-exploitation theme running through today's issue. It matters beyond Ukraine: if a national-CERT impersonation tactic surfaces in Western phishing, every government advisory channel becomes a brand worth spoofing — and security awareness training quietly needs a new module on verifying official guidance. Source: CERT-UA Advisory #21075 — Ukrainian. No English-language coverage confirmed at time of publication.
UAC-0057 refreshes its toolkit with OYSTERFRESH, OYSTERSHUCK, and OYSTERBLUES
CERT-UA published an updated advisory cataloging three new malware families deployed by UAC-0057, a cluster long associated with Belarus-aligned operations against Ukrainian and EU institutions. Three new named families in a single advisory signals a group that's building rather than recycling — and that historically precedes a tempo increase against NATO supply-chain targets. Source: CERT-UA — Ukrainian. No English-language coverage confirmed at time of publication.
📅 What to Watch
- If Cisco doesn't ship a CVE-2026-20245 fix within days, the KEV-plus-emergency-directive combination tells you UAT-8616's SD-WAN exploitation has moved from targeted to opportunistic faster than CISA can issue guidance.
- If OP-512's IIS web shell gets a CVE or attribution in the next 72 hours, it means incident responders already have forensic evidence in hand — watch for a Mandiant or CrowdStrike follow-up naming victims.
- If CVE-2022-0492 exploitation shows up in Android enterprise MDM logs, a four-year-old Linux kernel flaw has found a new mobile home where the patch cycle runs in months.
- If the Exchange OWA zero-day gets a working public PoC before Microsoft ships a fix, business-email-compromise campaigns get a reliable initial-access primitive that needs no malware at all.
- If Nightmare-Eclipse's July 14 drop is RCE rather than another privilege escalation, the Windows admin community spends Bastille Day refreshing GitHub mirrors instead of celebrating anything.
The Closer
Today's lineup: a Cisco SD-WAN console quietly pushing rogue config to every router in the building, a Jupyter notebook silently clicking "yes, install" on your behalf, and an extortion crew in business casual asking the receptionist where the IT closet is. The most honest line in the whole issue belongs to a researcher who decided that giving Microsoft a one-hour head start was generous — and given that three of his earlier zero-days got exploited the moment they went public, he may have been right. Stay paranoid, and check your script logs.
Forward this to the friend who still trusts the "download" button.
⚡ EDGE Signals
The following signals appeared in the adversarial edge sweep but were not carried forward in the primary synthesis:
- A critical unauthenticated blind SQL injection vulnerability (CVE-2026-3180) has been publicly disclosed for the WordPress Contest Gallery plugin, version 28.1.4. An exploit for this flaw was submitted to Exploit-DB on June 5, 2026, meaning it's now widely available to threat actors. This type of vulnerability is likely to be abused quickly.
- The "Five Eyes" intelligence alliance, comprising the United States, United Kingdom, Australia, Canada, and New Zealand, has issued an unprecedented joint warning about aggressive recruitment tactics by Chinese military intelligence services. The warning, reported widely on June 5, 2026, details how the services are targeting current and former defense personnel.
- A significant data breach impacting the personal information of approximately half a million Lithuanian citizens has been confirmed, with details emerging through Russian-language media on June 5, 2026. The Russian outlet ВФокусе Mail reported that the Lithuanian State Register (Центр реестров) was breached.
- What makes this worth watching is the mismatch in source posture. The exploitation claim appears to originate with a national cyber agency, which gives it more weight than a vendor blog or forum post, but Xakep also notes Microsoft said it had not confirmed attacks at the time of reporting. So this remains an unresolved claim, not a confirmed campaign.
- Three separate Exploit-DB entries just dropped for YAMCS (Yet Another Mission Control System) 5.12.7, covering LDAP injection, user enumeration, and missing rate limiting on authentication endpoints. YAMCS is niche but important — it's used as ground-segment middleware for satellites and other missions, so even low-complexity flaws can matter.