A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Friday, November 14th, 2025: SmartApeSG and ClickFix; Formbook Obfuscation Tricks; Sudo-rs Vulnerabilities; SANS Holiday Hack Challenge
November 13, 2025
10:09
1.7 MB ( 6.83 MB less)
Downloads: 0
SmartApeSG campaign uses ClickFix page to push NetSupport RAT
A detailed analysis of a recent SamtApeSG campaign taking advantage of ClickFix
https://isc.sans.edu/diary/32474
Formbook Delivered Through Multiple Scripts
An analysis of a recent version of Formbook showing how it takes advantage of multiple obfuscation tricks
https://isc.sans.edu/diary/32480
sudo-rs vulnerabilities
Two vulnerabilities were patched in sudo-rs, the version of sudo written in Rust, showing that while Rust does have an advantage when it comes to memory safety, there are plenty of other vulnerabilities to worry about
https://ubuntu.com/security/notices/USN-7867-1
https://github.com/trifectatechfoundation/sudo-rs/security/advisories/GHSA-c978-wq47-pvvw?ref=itsfoss.com
SANS Holiday Hack Challenge
https://sans.org/HolidayHack