SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Bruteforce Scans for CrushFTP

https://isc.sans.edu/diary/Bruteforce%20Scans%20for%20CrushFTP%20/32762

Android March 2026 Patches, including 0-Day (CVE-2026-21385)

https://source.android.com/docs/security/bulletin/2026/2026-03-01

OAuth redirection abuse enables phishing and malware delivery

https://www.microsoft.com/en-us/security/blog/2026/03/02/oauth-redirection-abuse-enables-phishing-malware-delivery/

Quick Howto: ZIP Files Inside RTF

https://isc.sans.edu/diary/Quick+Howto+ZIP+Files+Inside+RTF/32696/#comments

Keeping the Internet fast and secure: introducing Merkle Tree Certificates

https://blog.cloudflare.com/bootstrap-mtc/

Taming Agentic Browsers: Vulnerability in Chrome Allowed Extensions to Hijack New Gemini Panel

https://unit42.paloaltonetworks.com/gemini-live-in-chrome-hijacking/

Fake Fedex Email Delivers Donuts!

https://isc.sans.edu/diary/Fake%20Fedex%20Email%20Delivers%20Donuts!/32754

Abusing .ARPA: The TLD that isn t supposed to host anything

https://www.infoblox.com/blog/threat-intelligence/abusing-arpa-the-tld-that-isnt-supposed-to-host-anything/

MC1179154 - Microsoft Authenticator app: Upcoming changes to jailbreak and root detection

https://mc.merill.net/message/MC1179154

SECURITY BULLETIN: Apex One and Apex One (Mac) - February 2026

https://success.trendmicro.com/en-US/solution/KA-0022458

Special Webcast: AirSnitch How Worried Should You Be?

https://www.sans.org/webcasts/airsnitch-how-worried-should-you-be

Finding Signal in the Noise: Lessons Learned Running a Honeypot with AI Assistance [Guest Diary]

https://isc.sans.edu/diary/Finding%20Signal%20in%20the%20Noise%3A%20Lessons%20Learned%20Running%20a%20Honeypot%20with%20AI%20Assistance%20%5BGuest%20Diary%5D/32744

Google API Keys Weren't Secrets. But then Gemini Changed the Rules.

https://trufflesecurity.com/blog/google-api-keys-werent-secrets-but-then-gemini-changed-the-rules

AirSnitch: Demystifying and Breaking Client Isolation in Wi-Fi Networks

https://www.ndss-symposium.org/ndss-paper/airsnitch-demystifying-and-breaking-client-isolation-in-wi-fi-networks/

The CLAIR Model: A Synthesized Conceptual Framework for Mapping Critical Infrastructure Interdependencies [Guest Diary]

https://isc.sans.edu/diary/The+CLAIR+Model+A+Synthesized+Conceptual+Framework+for+Mapping+Critical+Infrastructure+Interdependencies+Guest+Diary/32748

Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability CVE-2026-20127

https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sdwan-rpa-EHchtZk https://blog.talosintelligence.com/uat-8616-sd-wan/

Abusing Cortex XDR Live

https://labs.infoguard.ch/posts/abusing_cortex_xdr_live_response_as_c2/

OpenSSL Vulnerability CVE-2025-15467

https://seclists.org/oss-sec/2026/q1/220