AddGitHub
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)·Jun 15, 2026·6m·Episode #9972

SANS Stormcast Monday, June 15th, 2026: Arch Linux Malicious User Packages; Splunk Vuln and Exploit; Exploiting AI Coding Agents

Download audioShow notesApple PodcastsSpotify

Show notes


Atomic Arch: Attackers Hijack Trusted AUR Packages to Deliver Rootkit-Like Malware
https://www.sonatype.com/blog/atomic-arch-npm-campaign-adds-malicious-dependency
Why Use App-Level Auth When Every Database Has Auth? (Splunk Enterprise CVE-2026-20253 Pre-Auth RCE) https://labs.watchtowr.com/why-use-app-level-auth-when-every-database-has-auth-splunk-enterprise-cve-2026-20253-pre-auth-rce/
A Fake Bug Report Hijacks Your AI Coding Agent and Nothing Catches It.
https://tenetsecurity.ai/blog/agentjacking-coding-agents-with-fake-sentry-errors/
My Upcoming Classes
https://www.sans.org/profiles/dr-johannes-ullrich

← Previous

SANS Stormcast Friday, June 12th, 2026: Bitlocker Trouble; Ivanti and Oracle Exploited; macOS Malicious Installers