Referências do Episódio

• Security Advisory Ivanti Endpoint Manager Mobile (EPMM) (CVE-2026-1281 & CVE-2026-1340)

• Inside the Infrastructure: Who’s Scanning for Ivanti Connect Secure?

• CVE-2025-0282 Detail

• Dissecting UAT-8099: New persistence mechanisms and regional focus

• Threat Bulletin: Critical eScan Supply Chain Compromise

Roteiro e apresentação: Carlos Cabral

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Referências do Episódio

• Solarwinds - WHD 2026.1 release notes

• CVE-2025-40551: Another Solarwinds Web Help Desk Deserialization Issue

• Multiple Critical SolarWinds Web Help Desk Vulnerabilities: CVE-2025-40551, CVE-2025-40552, CVE-2025-40553, CVE-2025-40554

• Meet IClickFix: a widespread WordPress-targeting framework using the ClickFix tactic

• Can’t stop, won’t stop: TA584 innovates initial access

• Two High-Severity n8n Flaws Allow Authenticated Remote Code Execution

Roteiro e apresentação: Carlos Cabral

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia

Referências do Episódio

• Administrative FortiCloud SSO authentication bypass

• Analysis of Single Sign-On Abuse on FortiOS

• CMC 935 - A notável escala dos ataques do PurpleBravo | FortiGate sob ataque

• Diverse Threat Actors Exploiting Critical WinRAR Vulnerability CVE-2025-8088

• HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns

• Threat Actors Using AWS WorkMail in Phishing Campaigns

• New Architecture, New Risks: One-Click to Pwn IDIS IP Cameras

Roteiro e apresentação: Carlos Cabral

Edição de áudio: Paulo Arruzzo

Narração de encerramento: Bianca Garcia