The Hacker News

Investigating a New Click-Fix Variant

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.
Infosecurity Magazine

AWS Warns Hackers Have Abused Cisco Firewall Zero-Day Since January

A prolific ransomware group has been exploiting a zero-day vulnerability in a Cisco firewall product since January, according ...

Amazon security boss says crims abused max-security Cisco firewall flaw weeks before disclosure

Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a month before Cisco patched the hole, ...

How to Spot 'Living Off the Land' Computer Attacks

"Living Off the Land" attacks use built-in tools and processes instead of traditional malware.
Redmondmag.com

Best Practices for PowerShell Script Version Control, Part 1

Semantic versioning gives PowerShell script changes clear meaning so you can evolve scripts quickly without letting updates devolve into chaos.

Microsoft investigates classic Outlook sync and connection issues

Microsoft is investigating several issues causing email synchronization and connection problems when using the classic Outlook desktop client.

CISA flags Wing FTP Server flaw as actively exploited in attacks

CISA warned U.S. government agencies to secure their Wing FTP Server instances against an actively exploited vulnerability that may be chained in remote code execution attacks.
The Hacker News

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

Interlock ransomware is actively exploiting CVE-2026-20131 (CVSS 10.0) in Cisco FMC, enabling unauthenticated remote code execution as root.
Windows Report

Microsoft Brings RSAT Tools to Windows 11 on Arm Devices

Windows 11 on Arm now supports key RSAT tools, letting IT admins manage Active Directory, DNS, and DHCP remotely.