SANS Stormcast Thursday, December 11th, 2025: Possible CVE-2024-9042 variant; react2shell exploits; notepad++ update hijacking; macOS priv escalation (#)

SANS Internet Storm Center's Daily Network Security News Podcast
11/12/2025 6 min
SANS Stormcast Thursday, December 11th, 2025: Possible CVE-2024-9042 variant; react2shell exploits; notepad++ update hijacking; macOS priv escalation (#)

Listen "SANS Stormcast Thursday, December 11th, 2025: Possible CVE-2024-9042 variant; react2shell exploits; notepad++ update hijacking; macOS priv escalation (#)"

Descargar episodio Ver en sitio original

Episode Synopsis

SANS Stormcast Thursday, December 11th, 2025: Possible CVE-2024-9042 variant; react2shell exploits; notepad++ update hijacking; macOS priv escalation Possible exploit variant for CVE-2024-9042 (Kubernetes OS Command Injection) We observed HTTP requests with our honeypot that may be indicative of a new version of an exploit against an older vulnerability. Help us figure out what is going on. https://isc.sans.edu/diary/Possible%20exploit%20variant%20for%20CVE-2024-9042%20%28Kubernetes%20OS%20Command%20Injection%29/32554 React2Shell: Technical Deep-Dive & In-the-Wild Exploitation of CVE-2025-55182 Wiz has a writeup with more background on the React2Shell vulnerability and current attacks https://www.wiz.io/blog/nextjs-cve-2025-55182-react2shell-deep-dive Notepad++ Update Hijacking Notepad++'s vulnerable update process was exploited https://notepad-plus-plus.org/news/v889-released/ New macOS PackageKit Privilege Escalation A PoC was released for a new privilege escalation vulnerability in macOS. Currently, there is no patch. https://khronokernel.com/macos/2024/06/03/CVE-2024-27822.html keywords: macos; privilege escalation; zsh; notepad++; evilgrade; react2shell; exploit; kubernetes

More episodes of the podcast SANS Internet Storm Center's Daily Network Security News Podcast

SANS Stormcast Thursday, December 18th, 2025: More React2Shell; Donicwall and Cisco Patch; Updated Chrome Advisory (#) 17/12/2025
SANS Stormcast Wednesday, December 17th, 2025: Beyond RC4; Forticloud SSO Vuln Exploited; FortiGate SSO Exploited; (#) 16/12/2025
SANS Stormcast Tuesday, December 16th, 2025: Current React2Shell Example; SAML woes; MSMQ issues after patch; (#) 15/12/2025
SANS Stormcast Monday, December 15th, 2025: DLL Entry Points; ClickFix and Finger; Apple Patches (#) 14/12/2025
SANS Stormcast Friday, December 12th, 2025: Local AI Models; Mystery Chrome 0-Day; SOAPwn Attack (#) 12/12/2025
SANS Stormcast Wednesday, December 10th, 2025: Microsoft, Adobe, Ivanti, Fortinet, and Ruby patches. (#) 10/12/2025
SANS Stormcast Tuesday, December 9th, 2025: nanoKVM Vulnerabilities; Ghostframe Phishing; WatchGuard Advisory (#) 08/12/2025
SANS Stormcast Monday, December 8th, 2025: AutoIT3 FileInstall; React2Shell Update; Tika Vuln (#) 08/12/2025
SANS Stormcast Friday, December 5th, 2025: Compromised Govt System; React Vuln Update; Array Networks VPN Attacks (#) 05/12/2025
SANS Stormcast Thursday, December 4th, 2025: CDN Headers; React Vulnerabiity; PickleScan Patch (#) 04/12/2025
© 2003-2025 ZARZA | AHEAD OF OUR TIME
privacy policy
In God we trust In God we trust
PreSales Questions? Click Here
or call our toll-free line at +1-888-5002068 Miami, Florida, USA