
*SANS Internet Storm Center Stormcast* Podcast Highlights Romance Scams, Security Updates, and Critical Vulnerabilities (January 28, 2026)
The January 28, 2026 episode of the SANS Internet Storm Center Stormcast podcast covers three main topics. First, an analysis by intern Faris Azari examines the early stages of romance scams, showing that these frauds often begin with erroneous SMS messages designed to start a conversation with the victim and ultimately lead to cryptocurrency-based scams. Multiple scammers may impersonate the same identity. Second, a security update addresses a lingering denial-of-service vulnerability related to React2Shell (a remote code execution flaw patched in December 2025), which required an additional fix. Finally, updates for OpenSSL 3.x and later versions patch a stack-based buffer overflow in the parsing of CMS (Cryptographic Message Syntax) data, which could be exploited via S/MIME messages before signature verification takes place. The podcast also mentions a Kubernetes flaw: users with get permissions on the API can escalate privileges through a websocket to execute arbitrary commands on the kubelet, though this is classified as "expected behavior."