SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

https://isc.sans.edu/dailypodcast.xml
1.2K Followers 2.4K Episodes Claim Ownership
Share
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .

Episode List

SANS Stormcast Friday, January 30th, 2026: Residential Proxy Networks; Clowdbot/Moltbot Themed Malware; eScan Malicious Updates

Jan 30th, 2026 2:00 AM

No Place Like Home Network: Disrupting the World's Largest Residential Proxy Network Google dismantled the IPIDEA network that used residential proxies to route malicious traffic. https://cloud.google.com/blog/topics/threat-intelligence/disrupting-largest-residential-proxy-network Fake Clawdbot VS Code Extension Installs ScreenConnect RAT The news about Clawdbot (now Moltbot) is used to distribute malware, in particular malicious VS Code extensions. https://www.aikido.dev/blog/fake-clawdbot-vscode-extension-malware Threat Bulletin: Critical eScan Supply Chain Compromise Anti-virus vendor eScan was compromised, and its update servers were used to install malware on some customer systems. https://www.morphisec.com/blog/critical-escan-threat-bulletin/

SANS Stormcast Thursday, January 29th, 2026: WebLogic AI Slop; Fortinet Patches; WebLogic AI Slop; Fortinet Patches

Jan 29th, 2026 12:40 PM

Odd WebLogic Request. Possible CVE-2026-21962 Exploit Attempt or AI Slop? We are seeing attempts to attack CVE-2026-21962, a recent weblog vulnerability, using a non-working AI slop exploit https://isc.sans.edu/diary/Odd%20WebLogic%20Request.%20Possible%20CVE-2026-21962%20Exploit%20Attempt%20or%20AI%20Slop%3F/32662 Fortinet Patches are Rolling Out Fortinet is starting to roll out patches for the recent SSO vulnerability https://fortiguard.fortinet.com/psirt/FG-IR-26-060 SolarWinds Web Helpdesk Vulnerability Another set of vulnerabilities in SolarWinds Web Helpdesk may result in unauthenticated system access https://horizon3.ai/attack-research/cve-2025-40551-another-solarwinds-web-help-desk-deserialization-issue/

SANS Stormcast Wednesday, January 28th, 2026: Romance Scams; DoS Vuln in React Server Components; OpenSSL Patch; Kubernetes Priv Confusion

Jan 28th, 2026 2:05 AM

Initial Stages of Romance Scams [Guest Diary] Romance scams often start with random text messages that appear to be misrouted . This guest diary by Faris Azhari is following some of the initial stages of such a scam. https://isc.sans.edu/diary/Initial%20Stages%20of%20Romance%20Scams%20%5BGuest%20Diary%5D/32650 Denial of Service Vulnerabilities in React Server Components Another folowup fix for the severe React vulnerability from last year, but now only fixing a DoS condition. https://github.com/facebook/react/security/advisories/GHSA-83fc-fqcc-2hmg OpenSSL Updates OpenSSL released its monthly updates, fixing a potential RCE. https://openssl-library.org/news/vulnerabilities/ Kubernetes Remote Code Execution Via Nodes/Proxy GET Permission Many Kubernetes Helm Charts are vulnerable to possible remote code executions due to unclear defined access controls. https://grahamhelton.com/blog/nodes-proxy-rce

SANS Stormcast Tuesday, January 27th, 2026: PWD scanning; MSFT Office OOB Patch; Exposed Clawdbot

Jan 27th, 2026 2:00 AM

Scanning Webserver with pwd as a Starting Path Attackers are adding the output of the pwd command to their web scans. https://isc.sans.edu/diary/x/32654 Microsoft Office Security Feature Bypass Vulnerability CVE-2026-21509 Microsoft released an out-of-band patch for Office fixing a currently exploited vulnerability. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509 Exposed Clawdbot Instances Many users of the AI tool clawdbot expose instances without access control. https://x.com/theonejvo/status/2015485025266098536

SANS Stormcast Monday, January 26th, 2026: FortiOS SSO Vuln Updates; Outlook OOB Update; VMware vCenter Exploited

Jan 26th, 2026 2:00 AM

Analysis of Single Sign-On Abuse on FortiOS Fortinet released an advisory. FortiOS devices are vulnerable if configured with any SAML integration, not just FortiCloud https://www.fortinet.com/blog/psirt-blogs/analysis-of-sso-abuse-on-fortios Outlook OOB Update Microsoft released a non-security OOB Update for Outlook, fixing an issue introduced with this months security patches. https://support.microsoft.com/en-us/topic/january-24-2026-kb5078127-os-builds-26200-7628-and-26100-7628-out-of-band-cf5777f6-bb4e-4adb-b9cd-2b64df577491 VMware vCenter Server Vulnerabilities Exploited (CVE-2024-37079, CVE-2024-37080, CVE-2024-37081) A VMWare vCenter vulnerability patched last June is now actively exploited. https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24453

More Episodes

You may also like

The 404 Media Podcast
Big Technology Podcast
Bloomberg Tech
The WAN Show
Cybersecurity Headlines
Cybersecurity Today
Risky Business
Noticias de la mañana
Software Engineering Daily
Click Here

Get this podcast on your phone, Free

Download Podbean app on App Store Download Podbean app on Google Play

Create Your Podcast In Minutes

  • Full-featured podcast site
  • Unlimited storage and bandwidth
  • Comprehensive podcast stats
  • Distribute to Apple Podcasts, Spotify, and more
  • Make money with your podcast
Get Started
It is Free