ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "SANS Stormcast Thursday, December 11th, 2025: Possible CVE-2024-9042 variant; react2shell exploits; notepad++ update hijacking; macOS priv escalation "
Episode Synopsis
Possible exploit variant for CVE-2024-9042 (Kubernetes OS Command Injection)
We observed HTTP requests with our honeypot that may be indicative of a new version of an exploit against an older vulnerability. Help us figure out what is going on.
https://isc.sans.edu/diary/Possible%20exploit%20variant%20for%20CVE-2024-9042%20%28Kubernetes%20OS%20Command%20Injection%29/32554
React2Shell: Technical Deep-Dive & In-the-Wild Exploitation of CVE-2025-55182
Wiz has a writeup with more background on the React2Shell vulnerability and current attacks
https://www.wiz.io/blog/nextjs-cve-2025-55182-react2shell-deep-dive
Notepad++ Update Hijacking
Notepad++ s vulnerable update process was exploited
https://notepad-plus-plus.org/news/v889-released/
New macOS PackageKit Privilege Escalation
A PoC was released for a new privilege escalation vulnerability in macOS. Currently, there is no patch.
https://khronokernel.com/macos/2024/06/03/CVE-2024-27822.html
More episodes of the podcast SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
SANS Stormcast Monday, December 15th, 2025: DLL Entry Points; ClickFix and Finger; Apple Patches
15/12/2025
SANS Stormcast Friday, December 12th, 2025: Local AI Models; Mystery Chrome 0-Day; SOAPwn Attack
12/12/2025
SANS Stormcast Wednesday, December 10th, 2025: Microsoft, Adobe, Ivanti, Fortinet, and Ruby patches.
10/12/2025
In God we trust