Episode Details

SANS Stormcast Thursday, January 15th, 2026: Luma Streal Repeat Infection; ServiceNow Broken Auth; Starlink/GPS Jamming Infection repeatedly adds scheduled tasks and increases traffic to the same C2 domain https://isc.sans.edu/diary/Infection%20repeatedly%20adds%20scheduled%20tasks%20and%20increases%20traffic%20to%20the%20same%20C2%20domain/32628 BodySnatcher (CVE-2025-12420): A Broken Authentication and Agentic Hijacking Vulnerability in ServiceNow https://appomni.com/ao-labs/bodysnatcher-agentic-ai-security-vulnerability-in-servicenow/ Starlink Terminal GPS Spoofing/Jamming Detection in Iran https://github.com/narimangharib/starlink-iran-gps-spoofing/blob/main/starlink-iran.md keywords: starlink; gps; bodysnatcher; servicenow; agentic; lumastealer