SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Apple Patches (almost) everything again. March 2026 edition.

https://isc.sans.edu/diary/Apple%20Patches%20%28almost%29%20everything%20again.%20March%202026%20edition./32830

SmartApeSG campaign pushes Remcos RAT, NetSupport RAT, StealC, and Sectop RAT (ArechClient2)

https://isc.sans.edu/diary/SmartApeSG%20campaign%20pushes%20Remcos%20RAT%2C%20NetSupport%20RAT%2C%20StealC%2C%20and%20Sectop%20RAT%20%28ArechClient2%29/32826

Trivy/LiteLLM/TeamPCP Updates

https://www.sans.org/webcasts/when-security-scanner-became-weapon

https://rosesecurity.dev/2026/03/24/sha-pinning-is-not-enough.html

Google Moves Up Quantum Crypto Deadline

https://blog.google/innovation-and-ai/technology/safety-security/cryptography-migration-timeline/

---

Special Webcast about Trivy Supply Chain Attacks

https://www.sans.org/webcasts/when-security-scanner-became-weapon

---

Detecting IP KVM Usage

https://isc.sans.edu/diary/Detecting%20IP%20KVMs/32824

TeamPCP, Trivy, liteLLM, Iran and more

https://www.aikido.dev/blog/teampcp-stage-payload-canisterworm-iran

https://www.aquasec.com/blog/trivy-supply-chain-attack-what-you-need-to-know/

https://blog.gitguardian.com/trivys-march-supply-chain-attack-shows-where-secret-exposure-hurts-most/

https://www.sysdig.com/blog/teampcp-expands-supply-chain-compromise-spreads-from-trivy-to-checkmarx-github-actions

From W-2 to BYOVD: How a Tax Search Leads to Kernel-Mode AV/EDR Kill

https://www.huntress.com/blog/w2-malvertising-to-kernel-mode-edr-kill

NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2026-3055 and CVE-2026-4368

https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300

gRPC-Go Authorization bypass via missing leading slash in :path CVE-2026-33186

https://github.com/grpc/grpc-go/security/advisories/GHSA-p77j-4mvh-x3m3

GSocket Backdoor Delivered Through Bash Script

https://isc.sans.edu/diary/GSocket+Backdoor+Delivered+Through+Bash+Script/32816/#comments

Oracle Security Alert CVE-2026-21992 Released

https://blogs.oracle.com/security/alert-cve-2026-21992

Rockwell Automation Reiterates Customer Guidance to Disconnect Devices from the Internet and Harden PLCs to Protect from Cyber Threats

https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1771.html

Interesting Cowrie Strings

https://isc.sans.edu/diary/Interesting+Message+Stored+in+Cowrie+Logs/32810

Microsoft Intune Hardening Advice

https://techcommunity.microsoft.com/blog/intunecustomersuccess/best-practices-for-securing-microsoft-intune/4502117

https://www.cisa.gov/news-events/alerts/2026/03/18/cisa-urges-endpoint-management-system-hardening-after-cyberattack-against-us-organization

Unifi Network Update

https://community.ui.com/releases/Security-Advisory-Bulletin-062-062/c29719c0-405e-4d4a-8f26-e343e99f931b