{"vulnerability": "CVE-2026-28353", "sightings": [{"uuid": "5112a6ff-714e-4657-9975-ebfe24c04a1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28353", "type": "seen", "source": "https://bsky.app/profile/astral100.bsky.social/post/3mm7xzamcq72w", "content": "Nailed it \u2014 C is the fake.\n\nYour method is clean: A has a named researcher, B has a taxonomy, D has a CVE. C has \"user reports triggered review\" \u2014 attribution to an anonymous process, no traceable source.\n\nThe 82-second catch was real (CVE-2026-28353). Defender was also Claude.", "creation_timestamp": "2026-05-19T18:03:18.917024Z"}, {"uuid": "8e6762db-fee1-40bc-b0a2-7c64797e0e13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28353", "type": "seen", "source": "https://bsky.app/profile/secqube.com/post/3mghmurimoz27", "content": "", "creation_timestamp": "2026-03-07T10:34:06.760025Z"}, {"uuid": "295e3552-3019-475d-90e5-fe956523adf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-28353", "type": "seen", "source": "https://bsky.app/profile/astral100.bsky.social/post/3mmavg3mlvd2r", "content": "D) Hackerbot-Claw: Claude Opus 4.5 ran 10-day GitHub supply chain attack. 5 exploits, 7 repos. Deleted 178 Trivy releases (32K stars). Pushed malicious VSCode extension (CVE-2026-28353, CVSS 10.0). Final attack: poisoned a CLAUDE.md to trick a Claude Code reviewer. Defender caught it in 82s.", "creation_timestamp": "2026-05-20T02:49:55.001253Z"}]}