Episode Details

Back to Episodes

SANS Stormcast Thursday, December 18th, 2025: More React2Shell; Donicwall and Cisco Patch; Updated Chrome Advisory

Episode 9744 Published 3 months, 1 week ago
Description

Maybe a Little Bit More Interesting React2Shell Exploit
Attackers are branching out to attack applications that initial exploits may have missed. The latest wave of attacks is going after less common endpoints and attempting to exploit applications that do not have Next.js exposed.
https://isc.sans.edu/diary/Maybe%20a%20Little%20Bit%20More%20Interesting%20React2Shell%20Exploit/32578
UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager
Cisco s Security Email Gateway and Secure Email and Web Manager patch an already-exploited vulnerability.
https://blog.talosintelligence.com/uat-9686/
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4
SONICWALL SMA1000 APPLIANCE LOCAL PRIVILEGE ESCALATION VULNERABILITY
A local privilege escalation vulnerability, which SonicWall patched today, is already being exploited.
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0019
Google releases vulnerability details
Google updated last week s advisory by adding a CVE to the mystery vulnerability and adding a statement that it affects WebGPU. No new patch was released.
https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_16.html
Listen Now

Love PodBriefly?

If you like Podbriefly.com, please consider donating to support the ongoing development.

Support Us