Handler on Duty: Xavier Mertens
Threat Level: green
Podcast Detail
SANS Stormcast Wednesday, July 8th, 2026: Odd DNS; AnyDesk Phishing; Tenda Backdoor; GitLost
If you are not able to play the podcast using the player below: Use this direct link to the audio file: https://traffic.libsyn.com/securitypodcast/9998.mp3
My Next Class
Click HERE to learn more about classes Johannes is teaching for SANS
More Odd DNS Records: NIMLOC
https://isc.sans.edu/diary/More%20Odd%20DNS%20Records%3A%20NIMLOC/33128
From Invoice to AnyDesk: Uncovering a Phishing Campaign Targeting Russian Aerospace Organizations
https://www.seqrite.com/blog/from-invoice-to-anydesk-uncovering-a-phishing-campaign-targeting-russian-aerospace-organizations/
Tenda firmware (multiple versions) contains hidden authentication backdoor
https://kb.cert.org/vuls/id/213560
GitLost: GitHub AI Agent Leak
https://noma.security/wp-content/uploads/GitLostWorkflow_2.gif
My Upcoming Classes
https://www.sans.org/profiles/dr-johannes-ullrich
| Application Security: Securing Web Apps, APIs, and Microservices | Washington | Jul 13th - Jul 18th 2026 |
| Application Security: Securing Web Apps, APIs, and Microservices | Online | British Summer Time | Jul 27th - Aug 1st 2026 |
| Application Security: Securing Web Apps, APIs, and Microservices | Las Vegas | Sep 21st - Sep 25th 2026 |
| Network Monitoring and Threat Detection In-Depth | Amsterdam | Nov 9th - Nov 14th 2026 |
| Application Security: Securing Web Apps, APIs, and Microservices | Washington | Dec 14th - Dec 18th 2026 |





