Patch [FIX] Tuesday – [Nothing Weaponized, Everything Exposed], E33

Patch [FIX] Tuesday – [Nothing Weaponized, Everything Exposed], E33

From Autonomous IT by Automox

June 9, 2026 · 24 min · Episode 33

About this episode

The episode discusses the June 2026 Patch Tuesday release, highlighting various vulnerabilities and breaches.

June 2026 has no headliner. Instead of one critical bug, the release spreads thin across the kernel, the network stack, a code editor, an AI assistant, a bootloader, and a nine-year-old Linux root bug. It's a breadth problem, not a severity one, and it changes how you triage. Jason Kikta and Landon Miles break down the whole release, then step off the patch list for the breaches that never got a CVE: GitHub's internal repos reached through a poisoned VS Code extension, a TanStack compromise carrying valid SLSA provenance, and a Red Hat npm namespace compromise that fired the moment anyone ran npm install.

People in this episode

Hosts: Jason Kikta, Landon Miles

Topics covered

  • security vulnerabilities
  • software patches
  • Linux bugs
  • network security
  • AI assistant risks
  • code editor threats

Keywords

  • security
  • patch management
  • vulnerabilities
  • Linux
  • GitHub
  • npm
  • VS Code
  • TanStack
  • Red Hat

Mentioned in this episode

Organizations: GitHub, TanStack, Red Hat

Products: VS Code, npm

More episodes of Autonomous IT

Explore listener stats, chart rankings, contacts and more on the Autonomous IT podcast page.