CISA GitHub leak response guide for AWS GovCloud keys, plaintext passwords, secret scanning, credential rotation, contractor controls, and admin audits.
Proxmox May 2026 operations roundup for PBS 4.2, StorPool integration, Kasm Workspaces, and multi-cluster planning for hosting admins.
VMware/Broadcom May 2026 virtualization checklist for VCF 9.1, vCenter virtual hardware, Workstation/Fusion 26H1, XCP-ng, and VM hosting admins.
HAProxy Community, Enterprise, and ALOHA saw May 2026 release movement. Check versions, validate configs, reload safely, and verify TLS/backend health.
Updated June 13: Plesk Obsidian admins should check PHP 8.5.7, PHP 8.4.22, ImageMagick, AVIF, Roundcube 1.6.16, backups, services, logs, and customer webmail after June maintenance.
Patch Gravity SMTP CVE-2026-4020 and CVE-2026-4162, rotate WordPress mail-service credentials, and review sending logs after active attack reports.
Update Caddy to 2.11.3 or later for CVE-2026-45135, then review PHP-FPM routing, upload paths, logs, and writable web directories.
Update Azure Local Disconnected Operations to ALDO 2604 or later for CVE-2026-42822, then verify backups, identity health, and privileged access.
Patch Kubernetes SMB CSI Driver CVE-2026-3865 to v1.20.1+, restrict PersistentVolume creation, review SMB exports, and verify backups.
Windows Secure Boot certificates from 2011 begin expiring in June 2026. Patch, reboot, verify, and stage server rollout safely.
