POPULARITY
233 episodes with stormcast
93 episodes with stormcast
39 episodes with stormcast
28 episodes with stormcast
40 episodes with stormcast
7 episodes with stormcast
10 episodes with stormcast
7 episodes with stormcast
3 episodes with stormcast
9 episodes with stormcast
5 episodes with stormcast
10 episodes with stormcast
5 episodes with stormcast
3 episodes with stormcast
2 episodes with stormcast
5 episodes with stormcast
2 episodes with stormcast
2 episodes with stormcast
2 episodes with stormcast
2 episodes with stormcast
4 episodes with stormcast
4 episodes with stormcast
2 episodes with stormcast
6 episodes with stormcast
30 episodes with stormcast
4 episodes with stormcast
2 episodes with stormcast
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
How has use of framing protection security headers changed in the past 3 years? https://isc.sans.edu/diary/How%20has%20use%20of%20framing%20protection%20security%20headers%20changed%20in%20the%20past%203%20years%3F/33068 Preparing for npm v12: install scripts and non-registry sources become opt-in https://github.com/orgs/community/discussions/198547 Adobe Patches https://helpx.adobe.com/security.html Rogue Planet new Microsoft Defender Vulnerability https://github.com/MSNightmare/RoguePlanet My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft June 2026 Patch Tuesday https://isc.sans.edu/diary/Microsoft%20June%202026%20Patch%20Tuesday/33064 Miasma Software Supply Chain Attack Toolkit Source Published https://safedep.io/inside-the-miasma-supply-chain-attack-toolkit/ Fortinet FortiSandbox Vulnerability https://fortiguard.fortinet.com/psirt/FG-IR-26-141 My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Azure Functions Action and 72 Other Repositories Disabled After Supply Chain Attack https://www.stepsecurity.io/blog/miasma-worm-hits-microsoft-again-azure-functions-action-and-72-other-repositories-disabled-after-supply-chain-attack-targeting-ai-coding-agents Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751) https://blog.checkpoint.com/security/check-point-releases-important-hotfix-for-vulnerabilities-in-deprecated-ikev1-vpn-protocol/ Missing IPsec Integrity Protection for IMS SIP Signaling in Verizon VoLTE Deployments https://kb.cert.org/vuls/id/615987 My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
The Evil MSI Background is Back! https://isc.sans.edu/diary/The%20Evil%20MSI%20Background%20is%20Back!/33054 The Smart TV in Your LivingRoom Is a Node in the AIScraping Economy https://blog.includesecurity.com/2026/06/the-smart-tv-in-your-livingroom-is-a-node-in-the-aiscraping-economy/ Brute force attack on Dashlane user accounts https://support.dashlane.com/hc/en-us/articles/36038764990866-Security-advisory-Brute-force-attack-on-Dashlane-user-accounts#update-jun-4 My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft's Coreutils for Windows https://isc.sans.edu/diary/Microsoft%27s%20Coreutils%20for%20Windows/33048 Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability CVE-2026-20230 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cucm-ssrf-cXPnHcW Firmware Update for Acer Connect W6x Router https://community.acer.com/en/kb/articles/19672 OAuth marketplace apps keep access after publishers vanish https://www.helpnetsecurity.com/2026/06/04/oauth-marketplace-apps-audit/ My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Continuing Scans for swagger.json https://isc.sans.edu/diary/Continuing+Scans+for+swaggerjson/33044/#comments Fake call detection on Android https://blog.google/security/android-fake-call-detection/ Anthropic's coordinated vulnerability disclosure dashboard https://red.anthropic.com/2026/cvd/ My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
New Wave Of Phishing Emails with SVG Files https://isc.sans.edu/diary/New%20Wave%20Of%20Phishing%20Emails%20with%20SVG%20Files/33040 Android 2026-06-01 security patch level vulnerability details https://source.android.com/docs/security/bulletin/2026/2026-06-01 Poly Voice Possible Remote Control of Certain Poly Devices CVE-2026-0826 https://support.hp.com/us-en/document/ish_15052661-15052687-16/hpsbpy04083 https://www.rapid7.com/blog/post/ve-cve-2026-0826-critical-unauthenticated-stack-buffer-overflow-hp-poly-vvx-trio-voip-phones-fixed/ Security Advisory Ivanti Neurons for ITSM (CVE-2026-9614) https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Neurons-for-ITSM-CVE-2026-9614?language=en_US My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Unidentified RAT pushes NetSupport RAT https://isc.sans.edu/diary/Unidentified%20RAT%20pushes%20NetSupport%20RAT/33034 CVE-2026-41089: Windows Netlogon Vulnerability Exploited https://ccb.belgium.be/advisories/warning-microsoft-patch-tuesday-may-2026-patches-118-vulnerabilities-16-critical-102 RedHat npm Packages Affected https://www.aikido.dev/blog/red-hat-npm-packages-compromised-credential-stealing-worm Dashlane Locking Accounts after Brute Force https://status.dashlane.com/pages/5aabcb89fccc4b04d3774443 My Upcoming Classes https://www.sans.org/profiles/dr-johannes-ullrich
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Announcing Bitskrieg https://deadeclipse666.blogspot.com/2026/05/announcing-bitskrieg.html Vulnerability in Gogs https://www.rapid7.com/blog/post/ve-authenticated-rce-via-argument-injection-gogs-unfixed/ Oracle Critical Security Patch Update Advisory - May 2026 https://www.oracle.com/security-alerts/cspumay2026.html GlobalProtect Authentication Bypass Vulnerabilities CVE-2026-0257 https://security.paloaltonetworks.com/CVE-2026-0257
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Research Review Journal https://assets.contentstack.io/v3/assets/blt83c410d686aa5f84/blt3cff46f63887f83e/research-review-journal https://www.sans.edu/cyber-research Analysis of a Year of Files Uploaded to DShield Sensors https://isc.sans.edu/diary/Analysis%20of%20a%20Year%20of%20Files%20Uploaded%20to%20DShield%20Sensors/33026 The Word 'Toad' Gave Any Website Full Control of Chrome's Most Popular VPN https://amibeingpwned.com/blog/urban-vpn-postmessage-command-injection Silent Ransom Group Impersonating IT Personnel through Social Engineering https://www.ic3.gov/CSA/2026/260526.pdf
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Reconstructing an Akira Ransomware Kill Chain from Perimeter and Endpoint Logs https://isc.sans.edu/diary/Reconstructing%20an%20Akira%20Ransomware%20Kill%20Chain%20from%20Perimeter%20and%20Endpoint%20Logs/33024 Vaultjacking: One Captured PIN, the Entire Google Password Manager Vault https://phishu.net/blogs/blog-vaultjacking-phishing-the-google-password-manager-vault-in-the-phishu-framework.html From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities https://www.microsoft.com/en-us/security/blog/2026/05/26/poisoned-search-results-gpu-mining-cryptojacking-campaign-abusing-screenconnect-microsoft-net-utilities/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Possible ACR Stealer From Page Impersonating Claude https://isc.sans.edu/diary/Possible%20ACR%20Stealer%20From%20Page%20Impersonating%20Claude/33018 Microsoft SharePoint Remote Code Execution Vulnerability CVE-2026-45659 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45659 Multiple Vulnerabilities in Angular Language Service VS Code Extension https://github.com/angular/angular/security/advisories/GHSA-ccq4-xmxr-8hcq
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft Access VBA https://isc.sans.edu/diary/Microsoft%20Access%20VBA/33012 An Example of Stack String in High Level Language https://isc.sans.edu/diary/An%20Example%20of%20Stack%20String%20in%20High%20Level%20Language/33008 Cross-Platform NPM Stealer https://isc.sans.edu/diary/Cross-Platform%20NPM%20Stealer/33006 Laravel Lang Compromised with RCE Backdoor Across https://socket.dev/blog/laravel-lang-compromise Google API keys keep working after you delete them https://www.aikido.dev/blog/google-api-keys-deletion
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Selective HTTP Proxying in Linux https://isc.sans.edu/diary/Selective%20HTTP%20Proxying%20in%20Linux/33002 Megalodon: Mass GitHub Repo Backdooring via CI Workflows https://safedep.io/megalodon-mass-github-repo-backdooring-ci-workflows/ MSFT Patches Recent Windows Defender Flaws CVE-2026-41091, CVE-2026-45498, CVE-2026-45584 https://x.com/fabian_bader/status/2057198207243804881 Cisco Secure Workload Unauthorized API Access Vulnerability CVE-2026-20223 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-csw-pnbsa-g8WEnuy
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
GitHub Breach https://x.com/github/status/2056949168208552080 Agentic Threat Intelligence Feed - VS Code Extensions https://agentmesh.knostic.ai/extensions More NGINX Vulnerabilities https://x.com/nebusecurity/status/2057071579876753643 https://my.f5.com/manage/s/article/K000161307 Microsoft Publishes YellowKey Mitigation CVE-2026-45585 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45585 Incomplete Sonicwall Patch CVE-2024-12802 https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0001
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
TeamPCP Supply Chain Campaign: Activity Through 2026-05-17 https://isc.sans.edu/diary/TeamPCP%20Supply%20Chain%20Campaign%3A%20Activity%20Through%202026-05-17/32994 https://slsa.dev/spec/v0.1/levels Github Action Compromise https://www.stepsecurity.io/blog/actions-cool-issues-helper-github-action-compromised-all-tags-point-to-imposter-commit-that-exfiltrates-ci-cd-credentials How Storm-2949 turned a compromised identity into a cloud-wide breach https://www.microsoft.com/en-us/security/blog/2026/05/18/storm-2949-turned-compromised-identity-into-cloud-wide-breach/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
New Malware Libraries means New Signatures https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20%20New%20Malware%20Libraries%20means%20New%20Signatures/32986 Addressing Exchange Server May 2026 vulnerability CVE-2026-42897 https://techcommunity.microsoft.com/blog/exchange/addressing-exchange-server-may-2026-vulnerability-cve-2026-42897/4518498 Microsoft Authenticator Update CVE-2026-41615 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41615 ssh-keysign-pwn (CVE-2026-46333) Patches Released https://almalinux.org/blog/2026-05-15-ssh-keysign-pwn-cve-2026-46333/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Tearing apart website fraud to see how it works. (@sans_edu) https://isc.sans.edu/diary/%5BGUEST%20DIARY%5D%20Tearing%20apart%20website%20fraud%20to%20see%20how%20it%20works./32958 Simple bypass of the link preview function in Outlook Junk folder https://isc.sans.edu/diary/Simple%20bypass%20of%20the%20link%20preview%20function%20in%20Outlook%20Junk%20folder/32990 NGINX Vulnerability https://depthfirst.com/nginx-rift Cisco SDWan 0-Day https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Proxying the Unproxyable? Sending EXE traffic to a Proxy https://isc.sans.edu/diary/Proxying%20the%20Unproxyable%3F%20Sending%20EXE%20traffic%20to%20a%20Proxy/32982 New Nightmare Eclipse Vulnerabilities Disclosed https://github.com/Nightmare-Eclipse/YellowKey https://github.com/Nightmare-Eclipse/GreenPlasma Adobe Patches https://helpx.adobe.com/security.html
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft Patch Tuesday https://isc.sans.edu/diary/32980 Tanstack npm and others compromised https://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack Ruby Gems Attack https://x.com/maciejmensfeld/status/2054164602577940619
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Apple Patches Everything https://isc.sans.edu/diary/Apple%20Patches%20Everything/32976 End-to-End Encrypted RCS Messages https://www.apple.com/newsroom/2026/05/end-to-end-encrypted-rcs-messaging-begins-rolling-out-today-in-beta/ Why we use CAPTCHAs https://isc.sans.edu/diary/Why%20we%20use%20CAPTCHAs/32974 Checkmarx Jenkins AST plugin compromise https://checkmarx.com/blog/ongoing-security-updates/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Another Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Frag https://isc.sans.edu/diary/Another%20Universal%20Linux%20Local%20Privilege%20Escalation%20%28LPE%29%20Vulnerability%3A%20Dirty%20Frag/32968 PAM Backdoors Steel Passwords https://flare.io/learn/resources/blog/pamdoora-new-linux-pam-based-backdoor-sale-dark-web CPanel Updates https://support.cpanel.net/hc/en-us/sections/360007088193-Security Let s Encrypt Briefly Halts Certificate Issuance https://letsencrypt.status.io
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
An Adaptive Cyber Analytics UI for Web Honeypot Logs https://isc.sans.edu/diary/An%20Adaptive%20Cyber%20Analytics%20UI%20for%20Web%20Honeypot%20Logs%20%5BGuest%20Diary%5D/32962 Ivanti May Patchday https://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-Multiple-CVEs Redis Security advisory: [CVE 2026 23479] [CVE 2026 25243] [CVE-2026-25588] [CVE 2026 25589] [CVE-2026-23631] https://redis.io/blog/security-advisory-cve202623479-cve202625243-cve-2026-25588-cve202625589-cve-2026-23631/ @sans_edu research paper: Marcio Enriquez [link will be added once the paper has been published]
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Technical issue with .de domains https://blog.denic.de/en/technical-issue-with-de-domains-resolved/ CVE-2026-0300 PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID Authentication Portal https://security.paloaltonetworks.com/CVE-2026-0300 Android Security Bulletin May 2026 CVE-2026-0073 https://source.android.com/docs/security/bulletin/2026/2026-05-01
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Cleartext Passwords in MS Edge? In 2026? https://isc.sans.edu/diary/Cleartext%20Passwords%20in%20MS%20Edge%3F%20In%202026%3F/32954 SSL.com rotates its root certificate today https://isc.sans.edu/diary/SSL.com%20rotates%20their%20root%20certificate%20today/32956 DEAMONTOOLS Compromise https://securelist.com/tr/daemon-tools-backdoor/119654/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
DShield Honeypot Update https://isc.sans.edu/diary/DShield%20Honeypot%20Update/32948 MOVEit Automation Critical Security Alert Bulletin April 2026 (CVE-2026-4670, CVE-2026-5174) https://community.progress.com/s/article/MOVEit-Automation-Critical-Security-Alert-Bulletin-April-2026-CVE-2026-4670-CVE-2026-5174 Apache httpd http2 vulnerability https://seclists.org/oss-sec/2026/q2/387
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Malicious Ad for Homebrew Leads to MacSync Stealer https://isc.sans.edu/diary/Malicious%20Ad%20for%20Homebrew%20Leads%20to%20MacSync%20Stealer/32942 Wireshark Update https://www.wireshark.org/docs/relnotes/wireshark-4.6.5.html Digicert Microsoft Defender False Positive https://www.reddit.com/r/cybersecurity/comments/1t2hfsh/mde_flagging_digi_cert_certificate_as_malicious/ https://bugzilla.mozilla.org/show_bug.cgi?id=2033170 cPanel Exploited https://support.cpanel.net/hc/en-us/articles/40073787579671-Security-CVE-2026-41940-cPanel-WHM-WP2-Security-Update-04-28-2026
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Danger of Libredtail https://isc.sans.edu/diary/Danger%20of%20Libredtail%20%5BGuest%20Diary%5D/32936 FreeBSD dhclient vulnerability https://www.freebsd.org/security/advisories/FreeBSD-SA-26:12.dhclient.asc Linux Copy-Fail Vulnerability CVE-2026-31431 https://copy.fail Bryan Nice Research Paper https://www.linkedin.com/in/bryannice/ https://www.sans.edu/cyber-research/detecting-ai-pickling
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Today's Odd Web Requests https://isc.sans.edu/diary/Today%27s%20Odd%20Web%20Requests/32934 Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202 https://www.akamai.com/blog/security-research/2026/apr/incomplete-patch-apt28s-zero-day-cve-2026-32202 Assess Secure Boot status with Microsoft Defender https://techcommunity.microsoft.com/blog/MicrosoftDefenderATPBlog/assess-secure-boot-status-with-microsoft-defender/4510356 Deprecating Legacy TLS and Endpoints for POP and IMAP in Exchange Online https://techcommunity.microsoft.com/blog/exchange/deprecating-legacy-tls-and-endpoints-for-pop-and-imap-in-exchange-online/4515201 SAP Related npm Packages Compromised https://www.stepsecurity.io/blog/a-mini-shai-hulud-has-appeared
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
HTTP Requests with X-Vercel-Set-Bypass-Cookie Header https://isc.sans.edu/diary/HTTP%20Requests%20with%20X-Vercel-Set-Bypass-Cookie%20Header/32930 GitHub Vulnerability CVE-2026-3854 https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854 Microsoft RDP Notification Bug https://support.microsoft.com/en-us/topic/april-14-2026-kb5083768-os-build-28000-1836-839e4a25-d979-4158-b70c-182333045883
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
TeamPCP Update https://isc.sans.edu/diary/TeamPCP%20Supply%20Chain%20Campaign%3A%20Update%20008%20-%2026-Day%20Pause%20Ends%20with%20Three%20Concurrent%20Compromises%20%28Checkmarx%20KICS%2C%20Bitwarden%20CLI%20Cascade%2C%20xinference%20PyPI%29%2C%20CanisterSprawl%20npm%20Worm%20Identified%2C%20and%20Tier%201%20Coverage%20Returns/32926 https://socket.dev/blog/73-open-vsx-sleeper-extensions-glassworm https://checkmarx.com/blog/checkmarx-security-update-april-26/ 89 vulnerabilities in XAPI / Citrix XenServer https://shittrix.moksha.dk/#rationale Phantom RPC https://securelist.com/phantomrpc-rpc-vulnerability/119428/ Pi-Hole Vulnerability CVE-2026-41489 https://github.com/pi-hole/pi-hole/security/advisories/GHSA-6w8x-p785-6pm4 Linux Kernel Problem CVE-2026-41651 https://nvd.nist.gov/vuln/detail/CVE-2026-41651
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Apple Patches Exploited Notification Flaw https://isc.sans.edu/diary/Apple%20Patches%20Exploited%20Notification%20Flaw/32922 Bitwarden CLI Compromised https://socket.dev/blog/bitwarden-cli-compromised https://community.bitwarden.com/t/bitwarden-statement-on-checkmarx-supply-chain-incident/96127 Microsoft Security Advisory CVE-2026-40372 ASP.NET Core Elevation of Privilege https://github.com/dotnet/announcements/issues/395
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Beyond%20Cryptojacking%3A%20Telegram%20tdata%20as%20a%20Credential%20Harvesting%20Vector%2C%20Lessons%20from%20a%20Honeypot%20Incident/32888 Checkmarx Compromise https://socket.dev/blog/checkmarx-supply-chain-compromise Oracle Quarterly Critical Patch Update https://www.oracle.com/security-alerts/cpuapr2026.html Firefox 150 - Mythos AI https://blog.mozilla.org/en/privacy-security/ai-security-zero-day-vulnerabilities/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
A .WAV With A Payload https://isc.sans.edu/diary/A%20.WAV%20With%20A%20Payload/32910 The Phishy GitHub Issue Case https://blog.atsika.ninja/posts/the-phishy-github-issue-case/ P4WNED: How Insecure Defaults in Perforce Expose Source Code Across the Internet https://morganrobertson.net/p4wned/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Handling the CVE Flood With EPSS https://isc.sans.edu/diary/Handling%20the%20CVE%20Flood%20With%20EPSS/32914 Windows Server 2025 Out of Band Patch https://learn.microsoft.com/en-us/windows/release-health/windows-message-center#4835 QEMU abused to evade detection and enable ransomware delivery https://www.sophos.com/en-us/blog/qemu-abused-to-evade-detection-and-enable-ransomware-delivery
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Lumma Stealer infection with Sectop RAT (ArechClient2) https://isc.sans.edu/diary/Lumma%20Stealer%20infection%20with%20Sectop%20RAT%20%28ArechClient2%29/32904 Three Recent Windows Defender Vulnerabilities Exploited (one 0-day) https://x.com/HuntressLabs/status/2044882115574091960 FortiSandbox PoC Exploit CVE-2026-39808 https://github.com/samu-delucas/CVE-2026-39808?tab=readme-ov-file NIST Updates NVD Operations to Address Record CVE Growth https://www.nist.gov/news-events/news/2026/04/nist-updates-nvd-operations-address-record-cve-growth
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Compromised DVRs and Finding Them in the Wild https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Compromised%20DVRs%20and%20Finding%20Them%20in%20the%20Wild/32886 Cisco ISE RCE Vulnerability and WebEx Auth Bypass CVE-2026-20184 CVE-2026-20180 CVE-2026-20186 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-4fverepv https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-cui-cert-8jSZYhWL Windows Defender 0-Day (RedSun) https://github.com/Nightmare-Eclipse/RedSun Sonatype Vulnerability CVE-2026-5189 https://support.sonatype.com/hc/en-us/articles/50817138825491-CVE-2026-5189-Nexus-Repository-3-Hardcoded-Credential-in-Internal-Database-Component-2026-04-15
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Scanning for AI Models https://isc.sans.edu/diary/Scanning%20for%20AI%20Models/32896 Microsoft Update Problems https://support.microsoft.com/en-us/topic/april-14-2026-kb5082063-os-build-26100-32690-c57e289d-27c9-47cd-a183-72fabc62c5d7#:~:text=Known%20issues%20in%20this%20update Microsoft RDP File Warnings https://learn.microsoft.com/en-us/windows-server/remote/remote-desktop-services/remotepc/understanding-security-warnings AI GitHub Action Vulnerabilities https://oddguan.com/blog/comment-and-control-prompt-injection-credential-theft-claude-code-gemini-cli-github-copilot/ https://www.theregister.com/2026/04/15/claude_gemini_copilot_agents_hijacked/ Wireguard Update https://lists.zx2c4.com/pipermail/wireguard/2026-April/009561.html
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Microsoft Patch Tuesday April 2026 https://isc.sans.edu/forums/diary/Microsoft%20Patch%20Tuesday%20April%202026./32898/ Adobe Patches https://helpx.adobe.com/security/Home.html Fortinet Patches https://fortiguard.fortinet.com/psirt
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Scans for EncystPHP Webshell https://isc.sans.edu/diary/Scans%20for%20EncystPHP%20Webshell/32892 CPUID Compromise https://securelist.com/tr/cpu-z/119365/ https://x.com/d0cTB/status/2042520961824559150 OpenAI Mac Application Update due to Axios Compromise https://openai.com/index/axios-developer-tool-compromise/ Axios Vulnerability CVE-2026-40175 https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Obfuscated JavaScript or Nothing https://isc.sans.edu/diary/Obfuscated%20JavaScript%20or%20Nothing/32884 Numbers in Passwords https://isc.sans.edu/diary/Number%20Usage%20in%20Passwords%3A%20Take%20Two/32866 Adobe 0-Day Patch CVE-2026-34621 https://helpx.adobe.com/security/products/acrobat/apsb26-43.html ClickFix Bypass via ScriptEditor https://www.jamf.com/blog/clickfix-macos-script-editor-atomic-stealer/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Honeypot Fingerprinting https://isc.sans.edu/diary/More%20Honeypot%20Fingerprinting%20Scans/32878 Microsoft Locks Accounts for Privacy/Encryption Related Developers https://sourceforge.net/p/veracrypt/discussion/general/thread/9620d7a4b3/ https://news.ycombinator.com/item?id=47687884 https://x.com/windscribecom/status/2041929519628443943 https://windowsforum.com/threads/april-2026-windows-update-ends-cross-signed-kernel-driver-trust.410487/ Remote Code Execution in Apache ActiveMQ (CVE-2026-34197) https://horizon3.ai/attack-research/disclosures/cve-2026-34197-activemq-rce-jolokia/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
A Little Bit Pivoting: What Web Shells are Attackers Looking for Today? https://isc.sans.edu/diary/A%20Little%20Bit%20Pivoting%3A%20What%20Web%20Shells%20are%20Attackers%20Looking%20for%3F/32874 WatchGuard Firebox Arbitrary File Write via Path Traversal in Fireware Web UI https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00009 Project Glasswing https://www.anthropic.com/glasswing Current Threats Against Kubernetes https://unit42.paloaltonetworks.com/modern-kubernetes-threats/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
How often are redirects used in phishing in 2026? https://isc.sans.edu/diary/How%20often%20are%20redirects%20used%20in%20phishing%20in%202026%3F/32870 Hackerone Suspends Internet Bug Bounty https://hackerone.com/ibb?type=team https://www.linkedin.com/posts/danielstenberg_hackerone-share-7446667043380076545-RX9b/ Bluehammer Windows 0-day Privilege Escalation https://github.com/Nightmare-Eclipse/BlueHammer https://deadeclipse666.blogspot.com/2026/04/public-disclosure.html https://deepwiki.com/Nightmare-Eclipse/BlueHammer Keycloak MFA Bypass CVE-2026-3429 https://access.redhat.com/security/cve/cve-2026-3429
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Team PCP Update and Axios Post Mortem https://isc.sans.edu/diary/32864 https://github.com/axios/axios/issues/10636 Strapi NPM Packages Compromised https://safedep.io/malicious-npm-strapi-plugin-events-c2-agent/ Fortinet CVE-2026-35616 exctively exploited https://fortiguard.fortinet.com/psirt/FG-IR-26-099
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Attempts to Exploit Exposed "Vite" Installs (CVE-2025-30208) https://isc.sans.edu/diary/Attempts%20to%20Exploit%20Exposed%20%22Vite%22%20Installs%20%28CVE-2025-30208%29/32860 OpenSSH 10.3 Release https://seclists.org/oss-sec/2026/q2/7 Claude Code Vulnerability https://adversa.ai/claude-code-security-bypass-deny-rules-disabled/
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Malicious Script That Gets Rid of ADS https://isc.sans.edu/diary/Malicious%20Script%20That%20Gets%20Rid%20of%20ADS/32854 Google Chrome Update fixes 21 Vulnerabilities and 0-Day https://chromereleases.googleblog.com/2026/03/stable-channel-update-for-desktop_31.html Apple Addresses Darksword Vulnerabilities for older devices https://support.apple.com/en-us/126793
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Application Control Bypass for Data Exfiltration https://isc.sans.edu/diary/Application%20Control%20Bypass%20for%20Data%20Exfiltration/32850 Axios NPM Module Supply Chain Compromise https://www.stepsecurity.io/blog/axios-compromised-on-npm-malicious-versions-drop-remote-access-trojan https://www.linkedin.com/events/7444763050819092480/ TeamPCP vs. Cloud Resources https://www.wiz.io/blog/tracking-teampcp-investigating-post-compromise-attacks-seen-in-the-wild
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Honeypot Session Lifetime https://isc.sans.edu/diary/DShield%20%28Cowrie%29%20Honeypot%20Stats%20and%20When%20Sessions%20Disconnect/32840 Let s Encrypt Tests Mass Revocation https://community.letsencrypt.org/t/lets-encrypt-2026-mass-revocation-simulation/245960 https://www.certkit.io/blog/ari-solves-mass-certificate-revocation https://www.certkit.io/blog/lets-encrypt-mass-revocation-simulation F5 Vulnerability Re-Classified (and already exploited) as RCE https://my.f5.com/manage/s/article/K000156741
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
TeamPCP Update #2: Telnyx PyPi Compromise https://isc.sans.edu/diary/TeamPCP%20Supply%20Chain%20Campaign%3A%20Update%20002%20-%20Telnyx%20PyPI%20Compromise%2C%20Vect%20Ransomware%20Mass%20Affiliate%20Program%2C%20and%20First%20Named%20Victim%20Claim/32838 Citrix Netscaler Vulnerability Details https://labs.watchtowr.com/the-sequels-are-never-as-good-but-were-still-in-pain-citrix-netscaler-cve-2026-3055-memory-overread/ macOS Clickfix Warning https://x.com/ClassicII_MrMac/status/2036797948911141129 Windows Smart Install https://textslashplain.com/2026/03/24/windows-choose-where-to-get-apps/
© 2020-2026 Ivy Podcast Discovery LLC
