SANS Internet Storm Center's Daily Network Security News Podcast
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minutes long summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
10
SANS Stormcast Friday April 24rd, 2026: Apple Update; Bitwarden Compromise; ASP.NET Core Patch (#)
SANS Stormcast Friday April 24rd, 2026: Apple Update; Bitwarden Compromise; ASP.NET Core Patch Apple Patches Exploited Notification Flaw https://isc.sans.edu/diary/Apple%20Patches%20Exploited%20Notification%20Flaw/32922 Bitwarden CLI Compromised https://socket.dev/blog/bitwarden-cli-compromised Microsoft Security Advisory CVE-2026-40372 – ASP.NET Core Elevation of Privilege https://github.com/dotnet/announcements/issues/395 keywords: bitwarden; microsoft; asp.net; core; apple; fbi
SANS Stormcast Thursday, April 23rd, 2026: Stealing Telegram Sessions; Oracle CPU; Firefox Patches (#)
SANS Stormcast Thursday, April 23rd, 2026: Stealing Telegram Sessions; Oracle CPU; Firefox Patches Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Beyond%20Cryptojacking%3A%20Telegram%20tdata%20as%20a%20Credential%20Harvesting%20Vector%2C%20Lessons%20from%20a%20Honeypot%20Incident/32888 Checkmarx Compromise https://socket.dev/blog/checkmarx-supply-chain-compromise Oracle Quarterly Critical Patch Update https://www.oracle.com/security-alerts/cpuapr2026.html Firefox 150 - Mythos AI https://blog.mozilla.org/en/privacy-security/ai-security-zero-day-vulnerabilities/ keywords: oracle; firefox; mythos; ai; checkmarx; telegram; crypto; sans_edu
SANS Stormcast Wednesday, April 22nd, 2026: WAV Malware; GitHub OAUTH Phishing; Perforce Settings (#)
SANS Stormcast Wednesday, April 22nd, 2026: WAV Malware; GitHub OAUTH Phishing; Perforce Settings A .WAV With A Payload https://isc.sans.edu/diary/A%20.WAV%20With%20A%20Payload/32910 The Phishy GitHub Issue Case https://blog.atsika.ninja/posts/the-phishy-github-issue-case/ P4WNED: How Insecure Defaults in Perforce Expose Source Code Across the Internet https://morganrobertson.net/p4wned/ keywords: perforce; phishing; github; wav; payload; malware
SANS Stormcast Tuesday, April 21st, 2026: CVE and EPSS; Windows Server 2025 OOB; QEMU Abuse; (#)
SANS Stormcast Tuesday, April 21st, 2026: CVE and EPSS; Windows Server 2025 OOB; QEMU Abuse; Handling the CVE Flood With EPSS https://isc.sans.edu/diary/Handling%20the%20CVE%20Flood%20With%20EPSS/32914 Windows Server 2025 Out of Band Patch https://learn.microsoft.com/en-us/windows/release-health/windows-message-center#4835 QEMU abused to evade detection and enable ransomware delivery https://www.sophos.com/en-us/blog/qemu-abused-to-evade-detection-and-enable-ransomware-delivery keywords: qemu; windows; server; 2025; oob; patch; cve; epss
SANS Stormcast Monday, April 20th, 2026: Lumma Stealer and Sectop RAT; Windows 0-Day Exploited; NIST NVD Update; FortiSandbox PoC (#)
SANS Stormcast Monday, April 20th, 2026: Lumma Stealer and Sectop RAT; Windows 0-Day Exploited; NIST NVD Update; FortiSandbox PoC Lumma Stealer infection with Sectop RAT (ArechClient2) https://isc.sans.edu/diary/Lumma%20Stealer%20infection%20with%20Sectop%20RAT%20%28ArechClient2%29/32904 Three Recent Windows Defender Vulnerabilities Exploited (one 0-day) https://x.com/HuntressLabs/status/2044882115574091960 FortiSandbox PoC Exploit CVE-2026-39808 https://github.com/samu-delucas/CVE-2026-39808?tab=readme-ov-file NIST Updates NVD Operations to Address Record CVE Growth https://www.nist.gov/news-events/news/2026/04/nist-updates-nvd-operations-address-record-cve-growth keywords: NIST; NVD; CVE; FortiSandbox; FortiNet; PoC; Windows; Defender; lumma stealer; sectop; rat
SANS Stormcast Friday, April 17th, 2026: DVRs Again; Cisco Again; Windows Defender Again; Sonatype (#)
SANS Stormcast Friday, April 17th, 2026: DVRs Again; Cisco Again; Windows Defender Again; Sonatype Compromised DVRs and Finding Them in the Wild https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Compromised%20DVRs%20and%20Finding%20Them%20in%20the%20Wild/32886 Cisco ISE RCE Vulnerability and WebEx Auth Bypass CVE-2026-20184 CVE-2026-20180 CVE-2026-20186 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-4fverepv https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-webex-cui-cert-8jSZYhWL Windows Defender 0-Day (RedSun) https://github.com/Nightmare-Eclipse/RedSun Sonatype Vulnerability CVE-2026-5189 https://support.sonatype.com/hc/en-us/articles/50817138825491-CVE-2026-5189-Nexus-Repository-3-Hardcoded-Credential-in-Internal-Database-Component-2026-04-15 keywords...
SANS Stormcast Thursday, April 16th, 2026: AI Credential Scans; Microsoft Update Issues; RDP Warnings; GitHub Action Vulns; (#)
SANS Stormcast Thursday, April 16th, 2026: AI Credential Scans; Microsoft Update Issues; RDP Warnings; GitHub Action Vulns; Scanning for AI Models https://isc.sans.edu/diary/Scanning%20for%20AI%20Models/32896 Microsoft Update Problems https://support.microsoft.com/en-us/topic/april-14-2026-kb5082063-os-build-26100-32690-c57e289d-27c9-47cd-a183-72fabc62c5d7#:~:text=Known%20issues%20in%20this%20update Microsoft RDP File Warnings https://learn.microsoft.com/en-us/windows-server/remote/remote-desktop-services/remotepc/understanding-security-warnings AI GitHub Action Vulnerabilities https://oddguan.com/blog/comment-and-control-prompt-injection-credential-theft-claude-code-gemini-cli-github-copilot/ https://www.theregister.com/2026/04/15/claude_gemini_copilot_agents_hijacked/ Wireguard Update https://lists.zx2c4.com/pipermail/wireguard/2026...
SANS Stormcast Wednesday, April 15th, 2026: Microsoft, Adobe, Fortinet and others Patches (#)
SANS Stormcast Wednesday, April 15th, 2026: Microsoft, Adobe, Fortinet and others Patches Microsoft Patch Tuesday April 2026 https://isc.sans.edu/forums/diary/Microsoft%20Patch%20Tuesday%20April%202026./32898/ Adobe Patches https://helpx.adobe.com/security/Home.html Fortinet Patches https://fortiguard.fortinet.com/psirt keywords: Fortinet; adobe; microsoft; patches
SANS Stormcast Tuesday, April 14th, 2026: EncystPHP Webshell; CPUID Compromise; OpenAI Mac Cert Issue; Axios Vulnerability (#)
SANS Stormcast Tuesday, April 14th, 2026: EncystPHP Webshell; CPUID Compromise; OpenAI Mac Cert Issue; Axios Vulnerability Scans for EncystPHP Webshell https://isc.sans.edu/diary/Scans%20for%20EncystPHP%20Webshell/32892 CPUID Compromise https://securelist.com/tr/cpu-z/119365/ https://x.com/d0cTB/status/2042520961824559150 OpenAI Mac Application Update due to Axios Compromise https://openai.com/index/axios-developer-tool-compromise/ Axios Vulnerability CVE-2026-40175 https://github.com/axios/axios/security/advisories/GHSA-fvcv-3m26-pcqx keywords: axios; openai; mac; cpuid; encystphp; webshell
SANS Stormcast Monday, April 13th, 2026: Obfuscated JavaScript; Numbers in Passwords; Adobe Patches 0-Day; ClickFix Fix Bypass (#)
SANS Stormcast Monday, April 13th, 2026: Obfuscated JavaScript; Numbers in Passwords; Adobe Patches 0-Day; ClickFix Fix Bypass Obfuscated JavaScript or Nothing https://isc.sans.edu/diary/Obfuscated%20JavaScript%20or%20Nothing/32884 Numbers in Passwords https://isc.sans.edu/diary/Number%20Usage%20in%20Passwords%3A%20Take%20Two/32866 Adobe 0-Day Patch CVE-2026-34621 https://helpx.adobe.com/security/products/acrobat/apsb26-43.html ClickFix Bypass via ScriptEditor https://www.jamf.com/blog/clickfix-macos-script-editor-atomic-stealer/ keywords: javascript; numbers; obfuscation; passwords; adobe; acrobat; reader; clickfix; macos; scripteditor;
