SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Thursday, January 22nd, 2026: Visual Studio Code Scripts; Cisco Unified Comm and Zoom Vuln; Insufficient Fortinet Patch; SANS SOC Survey
5 snips
Jan 22, 2026 Visual Studio Code can automatically execute scripts, raising concerns about trusting source code. A critical remote code execution vulnerability in Cisco Unified Communications products leaves systems open to attack. Meanwhile, a command injection flaw in Zoom's multimedia routers has been patched, but not before posing risks to users. Discussions around a potential bypass for Fortinet's single sign-on have emerged, urging caution while awaiting fixes. Additionally, insights from the latest SOC survey are solicited to enhance cybersecurity practices.
AI Snips
Chapters
Transcript
Episode notes
IDE Files Can Trigger Automatic Code Execution
- Visual Studio Code can execute project-supplied scripts via a .vscode/tasks.json file when opening folders.
- Treat opening downloaded source in complex IDEs as potentially running attacker-controlled code.
Inspect Project Config Before Opening
- Check for and inspect IDE-specific config files like .vscode/tasks.json before opening downloaded projects.
- Trust source code only after verifying it or using IDEs that require explicit trust prompts.
Critical RCE Affects Cisco Unified Communications
- Cisco fixed a critical RCE across multiple Unified Communications products driven by improper input validation.
- The advisory implies possible privilege escalation to root, so compromise can be complete.