Sign up to save your podcasts
Or
Share InfoSec.Watch Podcast — Episode 116: React2Shell mass exploitation, Apple & Microsoft zero-days, and the BRICKSTORM hypervisor breach
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
InfoSec.Watch Podcast — Episode 116: React2Shell mass exploitation, Apple & Microsoft zero-days, and the BRICKSTORM hypervisor breach
Send us Fan Mail
This week’s episode dives into a packed slate of high-impact cybersecurity threats shaking the industry. We break down React2Shell (CVE-2025-55182) — a rapidly evolving remote code execution flaw driving mass scanning across the internet and prompting CISA to issue an urgent KEV directive. They also unpack Apple’s emergency WebKit zero-day patches and Microsoft’s latest actively exploited kernel and security-bypass vulnerabilities from December Patch Tuesday.
The team explores BRICKSTORM, a stealthy backdoor campaign targeting VMware vSphere hypervisors through fileless techniques and persistent access to virtualization control planes — a growing focus for state-sponsored actors. They then analyze the massive Global Mart data breach, a four-month compromise stemming from a single misconfigured cloud storage bucket.
Tool of the Week spotlights GreyNoise Threat Explorer, a powerful resource for separating malicious activity from internet background noise — especially valuable amid surging React2Shell exploitation.
The episode closes with a look at Phantom Voice, a new wave of AI-generated voice-cloning phishing attacks capable of convincingly mimicking executives to trigger financial fraud and data exposure.
Topics Covered:
- React2Shell RCE and widespread exploitation
- Apple & Microsoft zero-day patches underway
- BRICKSTORM: hypervisor-level persistence against VMware
- Global Mart breach impacting 50M customers
- GreyNoise Threat Explorer
- Phantom Voice AI-driven voice-clone phishing
Stay ahead of emerging threats at infosec.watch and follow us on X, Facebook, and LinkedIn.
Support the show
Thanks for listening to InfoSec.Watch!Subscribe to our newsletter for in-depth analysis: https://infosec.watch
Follow us for daily updates:
- X (Twitter)
- LinkedIn
- Facebook -
Stay secure out there!
View all episodes
By Infosec.WatchSend us Fan Mail
This week’s episode dives into a packed slate of high-impact cybersecurity threats shaking the industry. We break down React2Shell (CVE-2025-55182) — a rapidly evolving remote code execution flaw driving mass scanning across the internet and prompting CISA to issue an urgent KEV directive. They also unpack Apple’s emergency WebKit zero-day patches and Microsoft’s latest actively exploited kernel and security-bypass vulnerabilities from December Patch Tuesday.
The team explores BRICKSTORM, a stealthy backdoor campaign targeting VMware vSphere hypervisors through fileless techniques and persistent access to virtualization control planes — a growing focus for state-sponsored actors. They then analyze the massive Global Mart data breach, a four-month compromise stemming from a single misconfigured cloud storage bucket.
Tool of the Week spotlights GreyNoise Threat Explorer, a powerful resource for separating malicious activity from internet background noise — especially valuable amid surging React2Shell exploitation.
The episode closes with a look at Phantom Voice, a new wave of AI-generated voice-cloning phishing attacks capable of convincingly mimicking executives to trigger financial fraud and data exposure.
Topics Covered:
- React2Shell RCE and widespread exploitation
- Apple & Microsoft zero-day patches underway
- BRICKSTORM: hypervisor-level persistence against VMware
- Global Mart breach impacting 50M customers
- GreyNoise Threat Explorer
- Phantom Voice AI-driven voice-clone phishing
Stay ahead of emerging threats at infosec.watch and follow us on X, Facebook, and LinkedIn.
Support the show
Thanks for listening to InfoSec.Watch!Subscribe to our newsletter for in-depth analysis: https://infosec.watch
Follow us for daily updates:
- X (Twitter)
- LinkedIn
- Facebook -
Stay secure out there!