SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Thursday, October 16th, 2025: Clipboard Image Stealer; F5 Compromise; Adobe Updates; SAP Patchday
Oct 15, 2025
Discover a new Python infostealer that targets clipboard images, potentially compromising sensitive data like crypto addresses. F5 faces a serious breach with stolen source code and unpatched vulnerabilities, urging users to swiftly apply critical updates. Adobe has released patches for 12 products, addressing various vulnerabilities and oversights. Meanwhile, SAP highlights significant updates, particularly around high-severity deserialization vulnerabilities, prompting a closer look at their security measures. Stay informed and secure!
AI Snips
Chapters
Transcript
Episode notes
Clipboard Can Leak Images, Not Just Text
- Info-stealers can capture non-text clipboard items like images as easily as text data.
- Xavier's Python example exfiltrates clipboard images via Telegram, expanding typical clipboard theft tactics.
Patch Fast And Treat F5 Certificates As Compromised
- If you run F5 or NGINX products, apply F5's patches quickly because source code and vulnerability details were stolen.
- Also treat F5 signing certificates as revoked and verify any signed software before trusting it.
Stolen Signing Keys Magnify Risk
- Loss of signing key material lets attackers potentially sign malicious software as if from F5.
- Certificate revocation is messy, so administrators may need manual interventions to block revoked certificates.