APT28

Security News | Vulnerabilities

CISA Adds Microsoft Windows Shell CVE-2026-32202 and ConnectWise ScreenConnect to the KEV Catalog: Patch Deadlines, Active Exploits, and How to Respond
ByInnoVirtuoso May 19, 2026

Two more high-risk holes just landed in the crosshairs. On April 29, 2026, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Microsoft Windows Shell vulnerability (CVE-2026-32202) and a ConnectWise ScreenConnect flaw to its Known Exploited Vulnerabilities (KEV) catalog based on confirmed in-the-wild exploitation. Federal Civilian Executive Branch (FCEB) agencies now have a hard…

Read More CISA Adds Microsoft Windows Shell CVE-2026-32202 and ConnectWise ScreenConnect to the KEV Catalog: Patch Deadlines, Active Exploits, and How to Respond
Cybersecurity | Windows Security

CVE-2026-32202: Zero-Click Windows Shell Flaw Actively Exploited After Incomplete Patch
ByInnoVirtuoso May 19, 2026

Microsoft and the U.S. Cybersecurity and Infrastructure Security Agency (CISA) are warning that a new Windows zero-click vulnerability, CVE-2026-32202, is being exploited in the wild. The flaw sits in Windows Shell and enables “authentication coercion” that can silently expose sensitive data to a network adversary. Microsoft first disclosed the issue on April 14 and updated…

Read More CVE-2026-32202: Zero-Click Windows Shell Flaw Actively Exploited After Incomplete Patch
Security News | Windows Security

CVE-2026-32202: Incomplete Windows SmartScreen Patch Enables Zero-Click Attacks and NTLM Hash Theft
ByInnoVirtuoso May 18, 2026

Akamai researchers uncovered that an incomplete Microsoft patch quietly opened a fresh zero-click pathway into Windows networks—and adversaries didn’t need a single user interaction to get in. Cataloged as CVE-2026-32202, the bug arises from a February 2026 fix that fell short, leaving a gap around Windows SmartScreen and Windows Shell security prompts that attackers could…

Read More CVE-2026-32202: Incomplete Windows SmartScreen Patch Enables Zero-Click Attacks and NTLM Hash Theft
Security Advisories | Vulnerabilities

Microsoft “Shell Spoofing” Zero‑Day (CVE‑2026‑32202): Silent NTLM Coercion via LNK Files and What to Do Now
ByInnoVirtuoso May 15, 2026

A new Microsoft Windows zero‑day, tracked as CVE‑2026‑32202, is turning a previously patched exploit chain back into a live fire. The original updates addressed a remote code execution (RCE) and a SmartScreen bypass, but they left behind a zero‑click way to coerce NTLM authentication. That omission enables attackers to silently force a victim endpoint to…

Read More Microsoft “Shell Spoofing” Zero‑Day (CVE‑2026‑32202): Silent NTLM Coercion via LNK Files and What to Do Now

Don’t Miss Out!