Daily 5 min cyber security news summary. News, patches, vulnerabilities and trends in information and network security. SANS Stormcast Tuesday, January 27th, 2026: PWD scanning; MSFT Office OOB Patch; Exposed Clawdbot

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

Johannes B. Ullrich

SANS Stormcast Tuesday, January 27th, 2026: PWD scanning; MSFT Office OOB Patch; Exposed Clawdbot

JAN 27, 20265 MIN
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

SANS Stormcast Tuesday, January 27th, 2026: PWD scanning; MSFT Office OOB Patch; Exposed Clawdbot

JAN 27, 20265 MIN

Description

<br/> Scanning Webserver with pwd as a Starting Path<br/> Attackers are adding the output of the pwd command to their web scans.<br/> <a href="https://isc.sans.edu/diary/x/32654">https://isc.sans.edu/diary/x/32654</a><br/> Microsoft Office Security Feature Bypass Vulnerability CVE-2026-21509<br/> Microsoft released an out-of-band patch for Office fixing a currently exploited vulnerability.<br/> <a href="https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509">https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509</a><br/> Exposed Clawdbot Instances<br/> Many users of the AI tool clawdbot expose instances without access control.<br/> <a href="https://x.com/theonejvo/status/2015485025266098536">https://x.com/theonejvo/status/2015485025266098536</a><br/>