Amazon security boss says crims abused max-security Cisco firewall flaw weeks before disclosure

Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a month before Cisco patched the hole, ...
Dark Reading

Less Lucrative Ransomware Market Makes Attackers Alter Methods

Ransomware actors are ditching Cobalt Strike in favor of native Windows tools, as payment rates hit record lows and data theft surges.
The Hacker News

Chinese Hackers Target Southeast Asian Militaries with AppleChris and MemFun Malware

China-linked CL-STA-1087 targets Southeast Asian militaries since 2020 using AppleChris and MemFun for espionage and credential theft.
The Hacker News

Interlock Ransomware Exploits Cisco FMC Zero-Day CVE-2026-20131 for Root Access

Interlock ransomware is actively exploiting CVE-2026-20131 (CVSS 10.0) in Cisco FMC, enabling unauthenticated remote code execution as root.
Reuters

Shell PLC

US broadly authorizes transactions with Venezuela's oil company PDVSA The U.S. issued a general license on Wednesday broadly authorizing U.S. companies to do business with Venezuela's state-run oil ...