SANS StormCast Highlights Phishing Tactics, Critical Nginx Vulnerabilities, Squid Proxy Flaw, and AMD Ryzen Memory Encryption Issue

22 Jun 2026

cybersecurityphishingIPv6nginxvulnerabilitiesremote_code_executionSquid_proxyAMDRyzenmemory_encryptionBIOS_update

The June 22, 2026, SANS Internet Storm Center StormCast highlighted a phishing tactic using IPv4-mapped IPv6 addresses to evade detection by obfuscating IPv4 addresses within IPv6 notation (e.g., ::FFFF:<IPv4>), which scanning tools and blocklists may overlook. F5 patched two critical vulnerabilities in Nginx, including a use-after-free flaw in HTTP/3 enabling remote code execution if ASLR is bypassed, and a buffer overflow requiring specific configurations. Squid proxy was found vulnerable to a Heartbleed-like flaw where attackers could leak HTTP request data from other users via malformed FTP directory listings, with a temporary mitigation being the disabling of FTP support. AMD acknowledged disabling memory encryption on Ryzen 9000 consumer CPUs, promising a BIOS update in July 2026 to re-enable the feature after prior firmware changes rendered BIOS settings ineffective. The episode also noted the host’s travel schedule, limiting podcast releases to Monday through Wednesday that week.