SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

More Bitlocker Issues: GreatXML

https://git.churchofmalware.org/Nightmare_Eclipse/GreatXML

Security Advisory Ivanti Sentry (CVE-2026-10520, CVE-2026-10523)

https://hub.ivanti.com/s/article/Security-Advisory-Ivanti-Sentry-CVE-2026-10520-CVE-2026-10523?language=en_US

Oracle Security Alert Advisory - CVE-2026-35273

https://www.oracle.com/security-alerts/alert-cve-2026-35273.html

https://www.bleepingcomputer.com/news/security/oracle-mitigates-peoplesoft-zero-day-exploited-in-data-theft-attacks/

How Deceptive Installers Are Targeting macOS Users

https://www.huntress.com/blog/deceptive-installers-macos-infostealers

My Upcoming Classes

https://www.sans.org/profiles/dr-johannes-ullrich

How has use of framing protection security headers changed in the past 3 years?

https://isc.sans.edu/diary/How%20has%20use%20of%20framing%20protection%20security%20headers%20changed%20in%20the%20past%203%20years%3F/33068

Preparing for npm v12: install scripts and non-registry sources become opt-in

https://github.com/orgs/community/discussions/198547

Adobe Patches

https://helpx.adobe.com/security.html

Rogue Planet new Microsoft Defender Vulnerability

https://github.com/MSNightmare/RoguePlanet

My Upcoming Classes

https://www.sans.org/profiles/dr-johannes-ullrich

Microsoft June 2026 Patch Tuesday

https://isc.sans.edu/diary/Microsoft%20June%202026%20Patch%20Tuesday/33064

Miasma Software Supply Chain Attack Toolkit Source Published

https://safedep.io/inside-the-miasma-supply-chain-attack-toolkit/

Fortinet FortiSandbox Vulnerability

https://fortiguard.fortinet.com/psirt/FG-IR-26-141

My Upcoming Classes

https://www.sans.org/profiles/dr-johannes-ullrich

Azure Functions Action and 72 Other Repositories Disabled After Supply Chain Attack

https://www.stepsecurity.io/blog/miasma-worm-hits-microsoft-again-azure-functions-action-and-72-other-repositories-disabled-after-supply-chain-attack-targeting-ai-coding-agents

Active Exploitation of Check Point VPN Authentication Bypass (CVE-2026-50751)

https://blog.checkpoint.com/security/check-point-releases-important-hotfix-for-vulnerabilities-in-deprecated-ikev1-vpn-protocol/

Missing IPsec Integrity Protection for IMS SIP Signaling in Verizon VoLTE Deployments

https://kb.cert.org/vuls/id/615987

My Upcoming Classes

https://www.sans.org/profiles/dr-johannes-ullrich

The Evil MSI Background is Back!

https://isc.sans.edu/diary/The%20Evil%20MSI%20Background%20is%20Back!/33054

The Smart TV in Your LivingRoom Is a Node in the AIScraping Economy

https://blog.includesecurity.com/2026/06/the-smart-tv-in-your-livingroom-is-a-node-in-the-aiscraping-economy/

Brute force attack on Dashlane user accounts

https://support.dashlane.com/hc/en-us/articles/36038764990866-Security-advisory-Brute-force-attack-on-Dashlane-user-accounts#update-jun-4

My Upcoming Classes

https://www.sans.org/profiles/dr-johannes-ullrich