http://isc.sans.edu - Global Network Security Information Sharing Community - Daily blogs and cyber security news podcast.https://bsky.app/profile/sansisc.bsky.socialhttps://bsky.app/profile/sansisc.bsky.social/post/3mk4w4f5rza24SANS Stormcast Thursday, April 23rd, 2026: Stealing Telegram Sessions; Oracle CPU; Firefox Patches https://isc.sans.edu/podcastdetail/990423 Apr 2026 02:00 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mk4w4f5rza24https://bsky.app/profile/sansisc.bsky.social/post/3mk2foluvxv2eSANS Stormcast Wednesday, April 22nd, 2026: WAV Malware; GitHub OAUTH Phishing; Perforce Settings https://isc.sans.edu/podcastdetail/990222 Apr 2026 02:01 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mk2foluvxv2ehttps://bsky.app/profile/sansisc.bsky.social/post/3mk277iyoy42cBeyond Cryptojacking: Telegram tdata as a Credential Harvesting Vector – Lessons from a Honeypot I https://isc.sans.edu/diary/3288822 Apr 2026 00:05 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mk277iyoy42chttps://bsky.app/profile/sansisc.bsky.social/post/3mjygraf5522fA .WAV With A Payload https://isc.sans.edu/diary/3291021 Apr 2026 07:15 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mjygraf5522fhttps://bsky.app/profile/sansisc.bsky.social/post/3mjxv6tgl5723SANS Stormcast Tuesday, April 21st, 2026: CVE and EPSS; Windows Server 2025 OOB; QEMU Abuse; https://isc.sans.edu/podcastdetail/990021 Apr 2026 02:01 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mjxv6tgl5723https://bsky.app/profile/sansisc.bsky.social/post/3mjvumnvd642qHandling the CVE Flood With EPSS https://isc.sans.edu/diary/3291420 Apr 2026 06:45 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mjvumnvd642qhttps://bsky.app/profile/sansisc.bsky.social/post/3mjvepwvqlu2hSANS Stormcast Monday, April 20th, 2026: Lumma Stealer and Sectop RAT; Windows 0-Day Exploited; NIST NVD Update; FortiSandbox PoC https://isc.sans.edu/podcastdetail/989820 Apr 2026 02:01 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mjvepwvqlu2hhttps://bsky.app/profile/sansisc.bsky.social/post/3mjntd5s2n32pSANS Stormcast Friday, April 17th, 2026: DVRs Again; Cisco Again; Windows Defender Again; Sonatype https://isc.sans.edu/podcastdetail/989617 Apr 2026 02:01 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mjntd5s2n32phttps://bsky.app/profile/sansisc.bsky.social/post/3mjnobf2znp2pISC Diary: #LummaStealer infection with #SectopRAT (#ArechClient2) https://isc.sans.edu/diary/3290417 Apr 2026 00:30 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mjnobf2znp2phttps://bsky.app/profile/sansisc.bsky.social/post/3mjlcudutr22wSANS Stormcast Thursday, April 16th, 2026: AI Credential Scans; Microsoft Update Issues; RDP Warnings; GitHub Action Vulns; https://isc.sans.edu/podcastdetail/989416 Apr 2026 02:01 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mjlcudutr22whttps://bsky.app/profile/sansisc.bsky.social/post/3mjl46i6wy32oCompromised DVRs and Finding Them in the Wild https://isc.sans.edu/diary/3288616 Apr 2026 00:01 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mjl46i6wy32ohttps://bsky.app/profile/sansisc.bsky.social/post/3mjisfizbuw2oSANS Stormcast Wednesday, April 15th, 2026: Microsoft, Adobe, Fortinet and others Patches https://isc.sans.edu/podcastdetail/989215 Apr 2026 02:01 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mjisfizbuw2ohttps://bsky.app/profile/sansisc.bsky.social/post/3mjimro5hov22Scanning for AI Models https://isc.sans.edu/diary/3289615 Apr 2026 00:20 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mjimro5hov22https://bsky.app/profile/sansisc.bsky.social/post/3mjhwzzawb725Microsoft Patch Tuesday April 2026. https://isc.sans.edu/diary/3289814 Apr 2026 17:51 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mjhwzzawb725https://bsky.app/profile/sansisc.bsky.social/post/3mjgbwbdafp26SANS Stormcast Tuesday, April 14th, 2026: EncystPHP Webshell; CPUID Compromise; OpenAI Mac Cert Issue; Axios Vulnerability https://isc.sans.edu/podcastdetail/989014 Apr 2026 02:00 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mjgbwbdafp26https://bsky.app/profile/sansisc.bsky.social/post/3mjewlzo2t62hScans for EncystPHP Webshell https://isc.sans.edu/diary/3289213 Apr 2026 13:05 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mjewlzo2t62hhttps://bsky.app/profile/sansisc.bsky.social/post/3mjdrhctmm62oSANS Stormcast Monday, April 13th, 2026: Obfuscated JavaScript; Numbers in Passwords; Adobe Patches 0-Day; ClickFix Fix Bypass https://isc.sans.edu/podcastdetail/988813 Apr 2026 02:00 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mjdrhctmm62ohttps://bsky.app/profile/sansisc.bsky.social/post/3mj5war2och22Application Control Bypass for Data Exfiltration https://isc.sans.edu/diary/3285010 Apr 2026 18:10 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mj5war2och22https://bsky.app/profile/sansisc.bsky.social/post/3mj5wapljj52wISC Diary: ClickFix Attacks Still Using the Finger https://isc.sans.edu/diary/3256610 Apr 2026 18:10 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mj5wapljj52whttps://bsky.app/profile/sansisc.bsky.social/post/3mj5walp5242vXWorm Cocktail:  A Mix of PE data with PowerShell Code https://isc.sans.edu/diary/3170010 Apr 2026 18:10 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mj5walp5242vhttps://bsky.app/profile/sansisc.bsky.social/post/3mj5vxq4xyk2nObfuscated JavaScript or Nothing https://isc.sans.edu/diary/3288410 Apr 2026 18:05 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mj5vxq4xyk2nhttps://bsky.app/profile/sansisc.bsky.social/post/3mj2byw6ii22kSANS Stormcast Thursday, April 9th, 2026: Honeypot Fingerprinting; Microsoft Locks Developer Accounts; ActiveMQ Vuln; https://isc.sans.edu/podcastdetail/988609 Apr 2026 07:30 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mj2byw6ii22khttps://bsky.app/profile/sansisc.bsky.social/post/3mj2byuxv7u23Number Usage in Passwords: Take Two https://isc.sans.edu/diary/3286609 Apr 2026 07:30 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mj2byuxv7u23https://bsky.app/profile/sansisc.bsky.social/post/3miysc2foje2lTeamPCP Supply Chain Campaign: Update 007 - Cisco Source Code Stolen via Trivy-Linked Breach, Google https://isc.sans.edu/diary/3288008 Apr 2026 17:16 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3miysc2foje2lhttps://bsky.app/profile/sansisc.bsky.social/post/3miyirwhclk2tMore Honeypot Fingerprinting Scans https://isc.sans.edu/diary/3287808 Apr 2026 14:26 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3miyirwhclk2thttps://bsky.app/profile/sansisc.bsky.social/post/3mixrk5l2tr2lSANS Stormcast Wednesday, April 8th, 2026: Pivoting for Webshells; WatchGuard Firebox Patch; Project Glasswing; Kubernetes Misconfigurations https://isc.sans.edu/podcastdetail/988408 Apr 2026 07:30 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mixrk5l2tr2lhttps://bsky.app/profile/sansisc.bsky.social/post/3miwfz2fcpx2jA Little Bit Pivoting: What Web Shells are Attackers Looking for? https://isc.sans.edu/diary/3287407 Apr 2026 18:31 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3miwfz2fcpx2jhttps://bsky.app/profile/sansisc.bsky.social/post/3mivb3633gk2rSANS Stormcast Tuesday, April 7th, 2026: Redirects in Phishing; Internet Bug Bounty Suspended; Bluehammer; Keycloak MFA Bypass https://isc.sans.edu/podcastdetail/988207 Apr 2026 07:30 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3mivb3633gk2rhttps://bsky.app/profile/sansisc.bsky.social/post/3misv5erqpy2lHow often are redirects used in phishing in 2026? https://isc.sans.edu/diary/3287006 Apr 2026 08:51 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3misv5erqpy2lhttps://bsky.app/profile/sansisc.bsky.social/post/3misqdh5igc2tSANS Stormcast Monday, April 6th, 2026: TeamPCP Update and Axio Post Mortem; Fortinet 0-Day https://isc.sans.edu/podcastdetail/988006 Apr 2026 07:25 +0000at://did:plc:dfq4cbyws7syiwdxes73krjs/app.bsky.feed.post/3misqdh5igc2t