SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Thursday, January 29th, 2026: WebLogic AI Slop; Fortinet Patches; WebLogic AI Slop; Fortinet Patches
11 snips
Jan 29, 2026 Discussion of a CVSS 10 Oracle WebLogic vulnerability and odd nonfunctional exploit attempts seen in honeypot logs. Coverage of an AI-generated exploit circulating on GitHub and the risks of relying on AI-crafted signatures. Update on Fortinet SSO patches rolling out and debate over re-enabling SSO. Brief note on SolarWinds Web Help Desk remote code execution flaws and other recent patches.
AI Snips
Chapters
Transcript
Episode notes
AI-Generated Exploits Can Be Misleading
- AI-generated exploit code can look plausible but still be nonfunctional and widely reused across the Internet.
- Johannes Ulrich observed such AI 'slop' being deployed against many arbitrary hosts, not just WebLogic instances.
Honeypot Caught A Nonsensical Exploit Attempt
- Johannes Ulrich found an exploit attempt in honeypot logs that 'didn't really make much sense.'
- Further digging traced it to an apparently nonworking AI-generated GitHub exploit template.
AI Speeds Workflows But Spreads Low-Quality Output
- Both attackers and defenders are accelerating workflows with AI, which increases the chance of low-quality outputs spreading.
- Johannes Ulrich remarked that AI use can cause both sides to waste effort or introduce risky shortcuts.