Podcast
SANS Stormcast: Daily Cyber Security News
Hosted by Johannes Ullrich · EN
A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minutes long summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Storm Center. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
58episodes
Episodes
Newest firstAll episodes
SANS Stormcast Friday, May 15th, 2026: Website Fraud; Outlook Link Preview Bug; NGINX Vuln; Cisco 0-Day
Yesterday00:06:55Tap to summarizeTearing apart website fraud to see how it works. (@sans_edu)https://isc.sans.edu/diary/%5BGUEST%20DIARY%5D%20Tearing%20apart%20website%20fraud%20to%20see%20how%20it%20works./32958 Simple bypass of the link preview function in Outlook Junk folderhttps://isc.sans.edu/diary/Simple%20bypass%20of%20the%20link%20preview%20function%20in%20Outlook%20Junk%20folder/32990 NGINX Vulnerabilityhttps://depthfirst.com/nginx-rift Cisco SDWan 0-Dayhttps://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa2-v69WY2SW
Transcribe →SANS Stormcast Thursday, May 14th, 2026: Flexbile Windows Proxy; News from Nightmare Eclipse; Adobe Patches
2d ago00:05:26Tap to summarizeProxying the Unproxyable? Sending EXE traffic to a Proxyhttps://isc.sans.edu/diary/Proxying%20the%20Unproxyable%3F%20Sending%20EXE%20traffic%20to%20a%20Proxy/32982 New Nightmare Eclipse Vulnerabilities Disclosedhttps://github.com/Nightmare-Eclipse/YellowKeyhttps://github.com/Nightmare-Eclipse/GreenPlasma Adobe Patcheshttps://helpx.adobe.com/security.html
Transcribe →SANS Stormcast Wednesday, May 13th, 2026: Microsoft Patch Tuesday; Large npm/pypi Compromise; Rubygems Attack
3d ago00:07:54Tap to summarizeMicrosoft Patch Tuesdayhttps://isc.sans.edu/diary/32980 Tanstack npm and others compromisedhttps://socket.dev/blog/tanstack-npm-packages-compromised-mini-shai-hulud-supply-chain-attack Ruby Gems Attackhttps://x.com/maciejmensfeld/status/2054164602577940619
Transcribe →SANS Stormcast Tuesday, May 12th, 2026: Apple Patches; Encrypted RCS; CAPTCHAs; Checkmarx vs TeamPCP;
4d ago00:05:56Tap to summarizeApple Patches Everythinghttps://isc.sans.edu/diary/Apple%20Patches%20Everything/32976 End-to-End Encrypted RCS Messageshttps://www.apple.com/newsroom/2026/05/end-to-end-encrypted-rcs-messaging-begins-rolling-out-today-in-beta/ Why we use CAPTCHAshttps://isc.sans.edu/diary/Why%20we%20use%20CAPTCHAs/32974 Checkmarx Jenkins AST plugin compromisehttps://checkmarx.com/blog/ongoing-security-updates/
Transcribe →SANS Stormcast Monday, May 11th, 2026: New Linux Priv Escalation; PAM Backdoors; CPanel Updates; Let’s Encrypt
5d ago00:06:58Tap to summarizeAnother Universal Linux Local Privilege Escalation (LPE) Vulnerability: Dirty Fraghttps://isc.sans.edu/diary/Another%20Universal%20Linux%20Local%20Privilege%20Escalation%20%28LPE%29%20Vulnerability%3A%20Dirty%20Frag/32968 PAM Backdoors Steel Passwordshttps://flare.io/learn/resources/blog/pamdoora-new-linux-pam-based-backdoor-sale-dark-web CPanel Updateshttps://support.cpanel.net/hc/en-us/sections/360007088193-Security Let s Encrypt Briefly Halts Certificate Issuance https://letsencrypt.status.io
Transcribe →SANS Stormcast Friday, May 8th, 2026: AI Generated Dashboard; Ivanti Patches; Redis Vuln; @sans_edu Marcio Enriquez
1w ago00:14:54Tap to summarizeAn Adaptive Cyber Analytics UI for Web Honeypot Logshttps://isc.sans.edu/diary/An%20Adaptive%20Cyber%20Analytics%20UI%20for%20Web%20Honeypot%20Logs%20%5BGuest%20Diary%5D/32962 Ivanti May Patchdayhttps://hub.ivanti.com/s/article/May-2026-Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-Multiple-CVEs Redis Security advisory: [CVE 2026 23479] [CVE 2026 25243] [CVE-2026-25588] [CVE 2026 25589] [CVE-2026-23631]https://redis.io/blog/security-advisory-cve202623479-cve202625243-cve-2026-25588-cve202625589-cve-2026-23631/ @sans_edu research paper: Marcio Enriquez [link will be added once the paper has been published]
Transcribe →SANS Stormcast Thursday, May 7th, 2026: .DE DNSEC Fail; PAN OS 0-Day Patched;
1w ago00:06:05Tap to summarizeTechnical issue with .de domainshttps://blog.denic.de/en/technical-issue-with-de-domains-resolved/ CVE-2026-0300 PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID Authentication Portalhttps://security.paloaltonetworks.com/CVE-2026-0300 Android Security Bulletin May 2026 CVE-2026-0073https://source.android.com/docs/security/bulletin/2026/2026-05-01
Transcribe →SANS Stormcast Wednesday, May 6th, 2026: Cleartext Passwords in Edge; SSL.com Root Rotation; DAEMONTOOLS Backdoor;
1w ago00:08:14Tap to summarizeCleartext Passwords in MS Edge? In 2026?https://isc.sans.edu/diary/Cleartext%20Passwords%20in%20MS%20Edge%3F%20In%202026%3F/32954 SSL.com rotates its root certificate todayhttps://isc.sans.edu/diary/SSL.com%20rotates%20their%20root%20certificate%20today/32956 DEAMONTOOLS Compromisehttps://securelist.com/tr/daemon-tools-backdoor/119654/
Transcribe →SANS Stormcast Tuesday, May 5th, 2026: Honeypot Update; MOVEit Patches; Apache http2 Vuln;
2w ago00:05:06Tap to summarizeDShield Honeypot Updatehttps://isc.sans.edu/diary/DShield%20Honeypot%20Update/32948 MOVEit Automation Critical Security Alert Bulletin April 2026 (CVE-2026-4670, CVE-2026-5174)https://community.progress.com/s/article/MOVEit-Automation-Critical-Security-Alert-Bulletin-April-2026-CVE-2026-4670-CVE-2026-5174 Apache httpd http2 vulnerabilityhttps://seclists.org/oss-sec/2026/q2/387
Transcribe →SANS Stormcast Monday, May 4th, 2026: Malicious Homebrew Ads; Wireshark Update; Digicert False Positive; cPanel Exploited
2w ago00:07:47Tap to summarizeMalicious Ad for Homebrew Leads to MacSync Stealerhttps://isc.sans.edu/diary/Malicious%20Ad%20for%20Homebrew%20Leads%20to%20MacSync%20Stealer/32942 Wireshark Updatehttps://www.wireshark.org/docs/relnotes/wireshark-4.6.5.html Digicert Microsoft Defender False Positivehttps://www.reddit.com/r/cybersecurity/comments/1t2hfsh/mde_flagging_digi_cert_certificate_as_malicious/https://bugzilla.mozilla.org/show_bug.cgi?id=2033170 cPanel Exploitedhttps://support.cpanel.net/hc/en-us/articles/40073787579671-Security-CVE-2026-41940-cPanel-WHM-WP2-Security-Update-04-28-2026
Transcribe →