
SANS Stormcast Wednesday, January 28th, 2026: Romance Scams; DoS Vuln in React Server Components; OpenSSL Patch; Kubernetes Priv Confusion

Direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9784.mp3


Initial Stages of Romance Scams [Guest Diary]
Romance scams often start with random text messages that appear to be “misrouted”. This guest diary by Faris Azhari follows some of the initial stages of such a scam.
https://isc.sans.edu/diary/Initial%20Stages%20of%20Romance%20Scams%20%5BGuest%20Diary%5D/32650

Denial of Service Vulnerabilities in React Server Components
Another follow-up fix for the severe React vulnerability from last year, this time fixing only a DoS condition.
https://github.com/facebook/react/security/advisories/GHSA-83fc-fqcc-2hmg

OpenSSL Updates
OpenSSL released its monthly updates, fixing a potential RCE.
https://openssl-library.org/news/vulnerabilities/

Kubernetes Remote Code Execution Via Nodes/Proxy GET Permission
Many Kubernetes Helm charts are vulnerable to possible remote code execution due to unclearly defined access controls.
https://grahamhelton.com/blog/nodes-proxy-rce
