A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Tuesday, August 12th, 2025: Erlang OTP SSH Exploits (Palo Alto Networks); Winrar Exploits; Netscaler Exploits; OpenSSH Pushing PQ Crypto;
August 11, 2025
6:52
1.05 MB ( 4.72 MB less)
Downloads: 0
Erlang OTP SSH Exploits
A recently patched and easily exploited vulnerability in Erlang/OTP SSH is being exploited. Palo Alto collected some of the details about this exploit activity that they observed.
https://unit42.paloaltonetworks.com/erlang-otp-cve-2025-32433/
WinRAR Exploited
WinRAR vulnerabilities are actively being exploited by a number of threat actors. The vulnerability allows for the creation of arbitrary files as the archive is extracted.
https://thehackernews.com/2025/08/winrar-zero-day-under-active.html
Citrix Netscaler Exploit Updates
The Dutch Center for Cyber Security is updating its guidance on recent Citrix Netscaler attacks. Note that the attacks started before a patch became available, and attackers are actively hiding their tracks to make it more difficult to detect a compromise.
https://www.ncsc.nl/actueel/nieuws/2025/07/22/casus-citrix-kwetsbaarheid https://www.bleepingcomputer.com/news/security/netherlands-citrix-netscaler-flaw-cve-2025-6543-exploited-to-breach-orgs/
OpenSSH Post Quantum Encryption
Starting in version 10.1, OpenSSH will warn users if they are using quantum-unsafe algorithms
https://www.openssh.com/pq.html