About this episode
Scanning Webserver with pwd as a Starting Path
Attackers are adding the output of the pwd command to their web scans.
https://isc.sans.edu/diary/x/32654
Microsoft Office Security Feature Bypass Vulnerability CVE-2026-21509
Microsoft released an out-of-band patch for Office fixing a currently exploited vulnerability.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509
Exposed Clawdbot Instances
Many users of the AI tool clawdbot expose instances without access control.
https://x.com/theonejvo/status/2015485025266098536
