A brief daily summary of what is important in information security. The podcast is published every weekday and designed to get you ready for the day with a brief, usually 5 minute long, summary of current network security related events. The content is late breaking, educational and based on listener input as well as on input received by the SANS Internet Stormcenter. You may submit questions and comments via our contact form at https://isc.sans.edu/contact.html .
SANS Stormcast Thursday July 31st, 2025: Firebase Security; WebKit Vuln Exploited; Scattered Spider Update
July 30, 2025
6:40
1.12 MB ( 4.48 MB less)
Downloads: 0
Securing Firebase: Lessons Re-Learned from the Tea Breach
Inspried by the breach of the Tea app, Brendon Evans recorded a video to inform of Firebase security issues
https://isc.sans.edu/diary/Securing%20Firebase%3A%20Lessons%20Re-Learned%20from%20the%20Tea%20Breach/32158
WebKit Vulnerability Exploited before Apple Patch
A WebKit vulnerablity patched by Apple yesterday has already been exploited in Google Chrome. Google noted the exploit with its patch for the same vulnerability in Chrome.
https://nvd.nist.gov/vuln/detail/CVE-2025-6558
Scattered Spider Update
CISA released an update for its report on Scattered Spider, noting that the group also calls helpdesks impersonating users, not just the other way around.
https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-320a