CISA Adds Actively Exploited Windows Shell and ConnectWise ScreenConnect Flaws to the KEV Catalog: Patch Deadlines, Threat Details, and a Defense Playbook
Two more actively exploited vulnerabilities just landed in CISA’s Known Exploited Vulnerabilities (KEV) catalog: a Windows Shell bug tracked as CVE-2026-32202 and an undisclosed ConnectWise ScreenConnect flaw. The additions, made on April 29, come with a fast-approaching federal patch-by deadline of May 12 and an unambiguous signal to enterprises everywhere: prioritize remediation and start hunting…