SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Today's Odd Web Requests

https://isc.sans.edu/diary/Today%27s%20Odd%20Web%20Requests/32934

Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202

https://www.akamai.com/blog/security-research/2026/apr/incomplete-patch-apt28s-zero-day-cve-2026-32202

Assess Secure Boot status with Microsoft Defender

https://techcommunity.microsoft.com/blog/MicrosoftDefenderATPBlog/assess-secure-boot-status-with-microsoft-defender/4510356

Deprecating Legacy TLS and Endpoints for POP and IMAP in Exchange Online

https://techcommunity.microsoft.com/blog/exchange/deprecating-legacy-tls-and-endpoints-for-pop-and-imap-in-exchange-online/4515201

SAP Related npm Packages Compromised

https://www.stepsecurity.io/blog/a-mini-shai-hulud-has-appeared

HTTP Requests with X-Vercel-Set-Bypass-Cookie Header

https://isc.sans.edu/diary/HTTP%20Requests%20with%20X-Vercel-Set-Bypass-Cookie%20Header/32930

GitHub Vulnerability CVE-2026-3854

https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854

Microsoft RDP Notification Bug

https://support.microsoft.com/en-us/topic/april-14-2026-kb5083768-os-build-28000-1836-839e4a25-d979-4158-b70c-182333045883

TeamPCP Update

https://isc.sans.edu/diary/TeamPCP%20Supply%20Chain%20Campaign%3A%20Update%20008%20-%2026-Day%20Pause%20Ends%20with%20Three%20Concurrent%20Compromises%20%28Checkmarx%20KICS%2C%20Bitwarden%20CLI%20Cascade%2C%20xinference%20PyPI%29%2C%20CanisterSprawl%20npm%20Worm%20Identified%2C%20and%20Tier%201%20Coverage%20Returns/32926

https://socket.dev/blog/73-open-vsx-sleeper-extensions-glassworm

https://checkmarx.com/blog/checkmarx-security-update-april-26/

89 vulnerabilities in XAPI / Citrix XenServer

https://shittrix.moksha.dk/#rationale

Phantom RPC

https://securelist.com/phantomrpc-rpc-vulnerability/119428/

Pi-Hole Vulnerability CVE-2026-41489

https://github.com/pi-hole/pi-hole/security/advisories/GHSA-6w8x-p785-6pm4

Linux Kernel Problem CVE-2026-41651

https://nvd.nist.gov/vuln/detail/CVE-2026-41651

Apple Patches Exploited Notification Flaw

https://isc.sans.edu/diary/Apple%20Patches%20Exploited%20Notification%20Flaw/32922

Bitwarden CLI Compromised

https://socket.dev/blog/bitwarden-cli-compromised

https://community.bitwarden.com/t/bitwarden-statement-on-checkmarx-supply-chain-incident/96127

Microsoft Security Advisory CVE-2026-40372 ASP.NET Core Elevation of Privilege

https://github.com/dotnet/announcements/issues/395

Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident

https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Beyond%20Cryptojacking%3A%20Telegram%20tdata%20as%20a%20Credential%20Harvesting%20Vector%2C%20Lessons%20from%20a%20Honeypot%20Incident/32888

Checkmarx Compromise

https://socket.dev/blog/checkmarx-supply-chain-compromise

Oracle Quarterly Critical Patch Update

https://www.oracle.com/security-alerts/cpuapr2026.html

Firefox 150 - Mythos AI

https://blog.mozilla.org/en/privacy-security/ai-security-zero-day-vulnerabilities/