Podcast Detail

SANS Stormcast Thursday, December 18th, 2025: More React2Shell; Donicwall and Cisco Patch; Updated Chrome Advisory

If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9744.mp3

previous
Podcast Logo
More React2Shell; Donicwall and Cisco Patch; Updated Chrome Advisory
00:00

Maybe a Little Bit More Interesting React2Shell Exploit
Attackers are branching out to attack applications that initial exploits may have missed. The latest wave of attacks is going after less common endpoints and attempting to exploit applications that do not have Next.js exposed.
https://isc.sans.edu/diary/Maybe%20a%20Little%20Bit%20More%20Interesting%20React2Shell%20Exploit/32578

UAT-9686 actively targets Cisco Secure Email Gateway and Secure Email and Web Manager
Cisco’s Security Email Gateway and Secure Email and Web Manager patch an already-exploited vulnerability.
https://blog.talosintelligence.com/uat-9686/
https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sma-attack-N9bf4

SONICWALL SMA1000 APPLIANCE LOCAL PRIVILEGE ESCALATION VULNERABILITY
A local privilege escalation vulnerability, which SonicWall patched today, is already being exploited.
https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2025-0019

Google releases vulnerability details
Google updated last week’s advisory by adding a CVE to the “mystery vulnerability” and adding a statement that it affects WebGPU. No new patch was released.
https://chromereleases.googleblog.com/2025/12/stable-channel-update-for-desktop_16.html

no transcript found