SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Apple Patches Exploited Notification Flaw

https://isc.sans.edu/diary/Apple%20Patches%20Exploited%20Notification%20Flaw/32922

Bitwarden CLI Compromised

https://socket.dev/blog/bitwarden-cli-compromised

https://community.bitwarden.com/t/bitwarden-statement-on-checkmarx-supply-chain-incident/96127

Microsoft Security Advisory CVE-2026-40372 ASP.NET Core Elevation of Privilege

https://github.com/dotnet/announcements/issues/395

Beyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector, Lessons from a Honeypot Incident

https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Beyond%20Cryptojacking%3A%20Telegram%20tdata%20as%20a%20Credential%20Harvesting%20Vector%2C%20Lessons%20from%20a%20Honeypot%20Incident/32888

Checkmarx Compromise

https://socket.dev/blog/checkmarx-supply-chain-compromise

Oracle Quarterly Critical Patch Update

https://www.oracle.com/security-alerts/cpuapr2026.html

Firefox 150 - Mythos AI

https://blog.mozilla.org/en/privacy-security/ai-security-zero-day-vulnerabilities/

A .WAV With A Payload

https://isc.sans.edu/diary/A%20.WAV%20With%20A%20Payload/32910

The Phishy GitHub Issue Case

https://blog.atsika.ninja/posts/the-phishy-github-issue-case/

P4WNED: How Insecure Defaults in Perforce Expose Source Code Across the Internet

https://morganrobertson.net/p4wned/

Handling the CVE Flood With EPSS

https://isc.sans.edu/diary/Handling%20the%20CVE%20Flood%20With%20EPSS/32914

Windows Server 2025 Out of Band Patch

https://learn.microsoft.com/en-us/windows/release-health/windows-message-center#4835

QEMU abused to evade detection and enable ransomware delivery

https://www.sophos.com/en-us/blog/qemu-abused-to-evade-detection-and-enable-ransomware-delivery

Lumma Stealer infection with Sectop RAT (ArechClient2)

https://isc.sans.edu/diary/Lumma%20Stealer%20infection%20with%20Sectop%20RAT%20%28ArechClient2%29/32904

Three Recent Windows Defender Vulnerabilities Exploited (one 0-day)

https://x.com/HuntressLabs/status/2044882115574091960

FortiSandbox PoC Exploit CVE-2026-39808

https://github.com/samu-delucas/CVE-2026-39808?tab=readme-ov-file

NIST Updates NVD Operations to Address Record CVE Growth

https://www.nist.gov/news-events/news/2026/04/nist-updates-nvd-operations-address-record-cve-growth