![Patch [FIX] Tuesday – June 2025: [WebDAV Attacks, SSH Hijacks, and macOS Sandbox Escapes], E20](https://img.transistorcdn.com/tbeD2wu1leP3hnh5ioR0GFCaifNQ2bb9ixwzrjU_-tU/rs:fill:0:0:1/w:1400/h:1400/q:60/mb:500000/aHR0cHM6Ly9pbWct/dXBsb2FkLXByb2R1/Y3Rpb24udHJhbnNp/c3Rvci5mbS82NTIw/Y2I2NzAxODI2NzY3/MDNmZDgzZTY3NjQ2/OTQ4NS5wbmc.jpg)
Episode 20
Patch [FIX] Tuesday – June 2025: [WebDAV Attacks, SSH Hijacks, and macOS Sandbox Escapes], E20
June 10, 202517m 8s
Audio is streamed directly from the publisher (media.transistor.fm) as published in their RSS feed. Play Podcasts does not host this file. Rights-holders can request removal through the copyright & takedown page.
Show Notes
June’s Patch [FIX] Tuesday unpacks a lighter-than-usual Windows patch cycle — but don’t get too comfortable. Join Automox cybersecurity experts as they break down high-risk vulnerabilities across macOS and Windows, including:
- A chained SSH vulnerability (CVE-2025-26465 & CVE-2025-26466) that allows memory exhaustion and bypasses host key verification
- A WebDAV remote code execution flaw (CVE-2025-33053) actively exploited in the wild
- Multiple macOS threats, from sandbox escapes to keychain access and privilege escalation
The team also shares patching strategies, mitigation tips, and password hygiene advice you’ll want to follow.
Topics
WebDAVSSH vulnerabilitySSH hijackmacOS sandbox escapeCVE-2025-26465CVE-2025-26466CVE-2025-33053remote code executionmemory exhaustionhost key bypassOpenSSHpatch managementApple CVEskeychain accessprivilege escalationPatch TuesdayAutomoxIT securityvulnerability chainingmacOS Sequoia 15.5password securitysystem hardeningpatch automationthreat mitigation