Sign up to save your podcasts
Or
Share SANS Stormcast Monday, November 10th, 2025: Code Repo Requests; Time Delayed ICS Attacks; Encrypted LLM Traffic Sidechannel Attacks
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
SANS Stormcast Monday, November 10th, 2025: Code Repo Requests; Time Delayed ICS Attacks; Encrypted LLM Traffic Sidechannel Attacks
Honeypot Requests for Code Repository
Attackers continue to scan websites for source code repositories. Keep your repositories outside your document root and proactively scan your own sites.
https://isc.sans.edu/diary/Honeypot%3A%20Requests%20for%20%28Code%29%20Repositories/32460
Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads
Newly discovered malicious .NET packages attempt to deliver a time-delayed attack targeting ICS systems.
https://socket.dev/blog/9-malicious-nuget-packages-deliver-time-delayed-destructive-payloads
Side Channel Leaks in Encrypted Traffic to LLMs
Traffic to LLMs can be profiled to discover the nature of prompts sent by a user based on the amount and structure of the encrypted data.
https://www.microsoft.com/en-us/security/blog/2025/11/07/whisper-leak-a-novel-side-channel-cyberattack-on-remote-language-models/
View all episodes
By Johannes UllrichHoneypot Requests for Code Repository
Attackers continue to scan websites for source code repositories. Keep your repositories outside your document root and proactively scan your own sites.
https://isc.sans.edu/diary/Honeypot%3A%20Requests%20for%20%28Code%29%20Repositories/32460
Malicious NuGet Packages Deliver Time-Delayed Destructive Payloads
Newly discovered malicious .NET packages attempt to deliver a time-delayed attack targeting ICS systems.
https://socket.dev/blog/9-malicious-nuget-packages-deliver-time-delayed-destructive-payloads
Side Channel Leaks in Encrypted Traffic to LLMs
Traffic to LLMs can be profiled to discover the nature of prompts sent by a user based on the amount and structure of the encrypted data.
https://www.microsoft.com/en-us/security/blog/2025/11/07/whisper-leak-a-novel-side-channel-cyberattack-on-remote-language-models/