Johannes Ullrich Presents Stormcast Edition, Discusses Microsoft Azure Vulnerabilities and AI Tools

On February 9, 2026, Johannes Ullrich presented the Stormcast edition of Sands in a Storm from Jacksonville, Florida. He addressed several vulnerabilities in Microsoft Azure, including a privilege escalation in Azure Front Door, an information disclosure and privilege escalation in Azure Functions, and another in Azure Arc. Microsoft has already mitigated these vulnerabilities. Ullrich also discussed the usefulness of AI tools in detecting vulnerabilities in open-source projects. Anthropic published an article on its Opus 4.6 model, which identified 500 high-impact vulnerabilities, notably in Ghostscript and OpenSC. The article emphasizes that competent use of AI models is crucial for obtaining accurate results. Finally, Ullrich mentioned a vulnerability in GitLab AI Gateway, which could lead to code execution for authenticated users.