SANS Stormcast Thursday, February 5th, 2026: Malicious Scripts; Synectix Vuln; Google Chrome; Google Looker
SANS Internet Storm Center's Daily Network Security News Podcast
Release Date: 02/05/2026
SANS Stormcast Friday, February 13th, 2026: SSH Bot; OpenSSH MacOS Change; Abused Employee Monitoring
Four Seconds to Botnet - Analyzing a Self-Propagating SSH Worm with Cryptographically Signed C2 [Guest Diary] https://isc.sans.edu/diary/Four%20Seconds%20to%20Botnet%20-%20Analyzing%20a%20Self%20Propagating%20SSH%20Worm%20with%20Cryptographically%20Signed%20C2%20%5BGuest%20Diary%5D/32708
OpenSSH Update on MacOS https://www.openssh.org/releasenotes.html
Employee Monitoring and SimpleHelp Software Abused in Ransomware Operations...

SANS Stormcast Thursday, February 12th, 2026: WSL in Malware; Apple and Adobe Patches
WSL in the Malware Ecosystem https://isc.sans.edu/diary/32704
Apple Patches Everything: February 2026 https://isc.sans.edu/diary/Apple%20Patches%20Everything%3A%20February%202026/32706
Adobe Updates https://helpx.adobe.com/security/security-bulletin.html
keywords: apple; adobe; wsl; malware

SANS Stormcast Wednesday, February 11th, 2026: Microsoft Patch Tuesday; Secure Boot Updates; Fake 7-Zip; FortiSlob
Microsoft Patch Tuesday - February 2026 https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20-%20February%202026/32700
Refreshing the root of trust https://blogs.windows.com/windowsexperience/2026/02/10/refreshing-the-root-of-trust-industry-collaboration-on-secure-boot-certificate-updates/
Fake 7-Zip downloads are turning home PCs into proxy nodes https://www.malwarebytes.com/blog/threat-intel/2026/02/fake-7-zip-downloads-are-turning-home-pcs-into-proxy-nodes
FortiNet...

SANS Stormcast Tuesday, February 10th, 2026: Extracting URLs; Signal Phishing; Ivanti PoC; BeyondTrust RCE; Forticlient SQL Injection
Quick Howto: Extract URLs from RTF files https://isc.sans.edu/diary/Quick%20Howto%3A%20Extract%20URLs%20from%20RTF%20files/32692
German Agencies Warn of Signal Phishing Targeting Politicians, Military, Journalists
German: https://thehackernews.com/2026/02/german-agencies-warn-of-signal-phishing.html
English:...

SANS Stormcast Monday, February 9th, 2026: Azure Vulnerabilities; AI Vulnerability Discovery; GitLab AI Gateway Vuln
Microsoft Patches Four Azure Vulnerabilities (three critical) https://msrc.microsoft.com/update-guide/vulnerability
Evaluating and mitigating the growing risk of LLM-discovered 0-days https://red.anthropic.com/2026/zero-days/
Gitlab AI Gateway Vulnerability CVE-2026-1868 https://about.gitlab.com/releases/2026/02/06/patch-release-gitlab-ai-gateway-18-8-1-released/
keywords: gitlab; ai gateway; llm; 0-days; anthropic; claude; opus; microsoft; azure

SANS Stormcast Friday, February 6th, 2026: Broken Phishing; n8n vulnerability; Android Update; Watchguard Firebox LDAP Injection
Broken Phishing URLs https://isc.sans.edu/diary/Broken+Phishing+URLs/32686/
n8n command injection vulnerability https://github.com/n8n-io/n8n/security/advisories/GHSA-6cqr-8cfr-67f8
Android February Update https://source.android.com/docs/security/bulletin/pixel/2026/2026-02-01?hl=en
Watchguard Firebox LDAP Injection https://www.watchguard.com/wgrd-psirt/advisory/wgsa-2026-00001
keywords: watchguard; firebox; ldap; android; n8n; phishing

SANS Stormcast Thursday, February 5th, 2026: Malicious Scripts; Synectix Vuln; Google Chrome; Google Looker
Malicious Script Delivering More Maliciousness https://isc.sans.edu/diary/Malicious+Script+Delivering+More+Maliciousness/32682
Synectix LAN 232 TRIO Unauthenticated Web Admin CVE-2026-1633 https://www.cisa.gov/news-events/ics-advisories/icsa-26-034-04
Google Chrome Patches https://chromereleases.googleblog.com/2026/02/stable-channel-update-for-desktop.html
LookOut: Discovering RCE and Internal Access on Looker (Google Cloud & On-Prem)...

SANS Stormcast Wednesday, February 4th, 2026: Detecting OpenClaw; Synology telnetd Patch; More GlassWorm
Detecting and Monitoring OpenClaw (clawdbot, moltbot) https://isc.sans.edu/diary.html/Detecting+and+Monitoring+OpenClaw+%28clawdbot%2C+moltbot%29/32678/#comment
Synology telnetd Patch https://www.synology.com/en-us/releaseNote/DSM
GlassWorm Loader Hits Open VSX via Developer Account Compromise https://socket.dev/blog/glassworm-loader-hits-open-vsx-via-suspected-developer-account-compromise
keywords: vsx; glassworm; synology; telnetd; openclaw

SANS Stormcast Tuesday, February 3rd, 2026: Scanning for AI; Notepad++ Compromise; OpenClaw Vulnerabilities
Scanning for exposed Anthropic Models https://isc.sans.edu/diary/Scanning%20for%20exposed%20Anthropic%20Models/32674
Notepad++ Hijacked by State-Sponsored Hackers https://www.rapid7.com/blog/post/tr-chrysalis-backdoor-dive-into-lotus-blossoms-toolkit/ https://notepad-plus-plus.org/news/hijacked-incident-info-update/
Insecure Websockets in OpenClaw https://zeropath.com/blog/openclaw-clawdbot-credential-theft-vulnerability
Malicious OpenClaw Skills...

SANS Stormcast Monday, February 2nd, 2026: Google Presentation Abuse; Ivanti Vuln Exploited; Microsoft NTLM Strategy
Google Presentation Abuse https://isc.sans.edu/diary/Google+Presentations+Abused+for+Phishing/32668/
Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (CVE-2026-1281 & CVE-2026-1340) https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340?language=en_US
Microsoft NTLM Strategy https://techcommunity.microsoft.com/blog/windows-itpro-blog/advancing-windows-security-disabling-ntlm-by-default/4489526
keywords:...