{"vulnerability": "CVE-2026-32202", "sightings": [{"uuid": "28dfe9a2-344d-4ce6-9429-2293ae6ced59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "exploited", "source": "https://t.me/thehackernews/8883", "content": "\ud83d\udea8 WARNING: Microsoft confirmed active exploitation of a Windows flaw \u2192 CVE-2026-32202.\n\nThe bug stems from an incomplete fix, allowing attackers to steal credentials via SMB authentication when a malicious file is opened.\n\n\ud83d\udd17 Read details \u2192 https://thehackernews.com/2026/04/microsoft-confirms-active-exploitation.html", "creation_timestamp": "2026-04-28T06:01:31.000000Z"}, {"uuid": "ced002d8-1e47-4458-a581-b568d426f9fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "exploited", "source": "https://t.me/TengkorakCyberCrewzz/39894", "content": "Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202 \u2013 thehackernews.com\n\nTue, 28 Apr 2026 13:50:00", "creation_timestamp": "2026-04-28T08:03:03.000000Z"}, {"uuid": "93a6dc43-4834-45df-ba26-e7a87ba2cd18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "exploited", "source": "https://t.me/TengkorakCyberCrewzz/9982", "content": "Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202 \u2013 thehackernews.com\n\nTue, 28 Apr 2026 13:50:00", "creation_timestamp": "2026-04-28T08:03:03.000000Z"}, {"uuid": "1bd3a010-44b8-4a20-9e67-5de2c5e64f86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "exploited", "source": "https://t.me/ctinow/249423", "content": "Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202\nhttps://ift.tt/fWkVzTb", "creation_timestamp": "2026-04-28T06:59:27.000000Z"}, {"uuid": "28968259-4fe2-4d88-b992-d0a3a9ec50bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "exploited", "source": "https://t.me/cibsecurity/89213", "content": "\ud83d\udd8b\ufe0f Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202 \ud83d\udd8b\ufe0f\n\nMicrosoft on Monday revised its advisory for a nowpatched, highseverity security flaw impacting Windows Shell to acknowledge that it has been actively exploited in the wild. The vulnerability in question is CVE202632202 CVSS score 4.3, a spoofing vulnerability that could allow an attacker to access sensitive information. It was addressed as part of its Patch Tuesday update for this.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"The Hacker News\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2026-04-28T07:00:17.000000Z"}, {"uuid": "b5d11b34-4739-4642-88a8-4e817bea3275", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://www.thezdi.com/blog/2026/4/14/the-april-2026-security-update-review", "content": "", "creation_timestamp": "2026-04-14T15:49:19.000000Z"}, {"uuid": "684d7642-7705-43f1-a103-69f2b7dce6f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/securityrss.bsky.social/post/3mkmvlbknz52l", "content": "Microsoft confirmed active exploitation of Windows Shell vulnerability CVE-2026-32202, a spoofing flaw (CVSS score: 4.3) allowing unauthorized access to sensitive information.", "creation_timestamp": "2026-04-29T10:33:56.335167Z"}, {"uuid": "92ff750d-3091-4b33-b600-ac16787ede20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2026-0119", "content": "", "creation_timestamp": "2026-04-15T06:53:38.000000Z"}, {"uuid": "93f8cd6c-837a-41c4-8be0-867457d1f074", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/780thmibdecyber.bsky.social/post/3mkam3ilnxc2s", "content": "", "creation_timestamp": "2026-04-24T13:12:06.243548Z"}, {"uuid": "66869081-c234-4129-acb5-2e95a32a8086", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/nulj.bsky.social/post/3mkj4g4vfpc2p", "content": "", "creation_timestamp": "2026-04-27T22:25:41.371540Z"}, {"uuid": "7f214cd5-6813-492f-8944-6103c47ec5a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mknetqgrzj2b", "content": "Microsoft confirms active exploitation of Windows Shell vulnerability CVE-2026-32202. Users urged to update systems promptly. #CyberSecurity #WindowsUpdate #CVE202632202 Link: thedailytechfeed.com/microsoft-wa...", "creation_timestamp": "2026-04-29T15:07:06.768226Z"}, {"uuid": "03bfb120-251d-4efc-987b-a717b9619b95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "exploited", "source": "Telegram/Tvot5OYi7yS2K_ThF7C2BDw9T022EfvaqUn2cmq-a5YoKw", "content": "", "creation_timestamp": "2026-04-28T08:18:06.000000Z"}, {"uuid": "33b29d5c-417e-426c-9c99-1eab11cedc26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/blackhatnews.tokyo/post/3mkmwavyscf2g", "content": "CISA\u3001Microsoft\u304c Windows Shell\u8106\u5f31\u6027\uff08CVE-2026-32202\uff09\u306e\u7a4d\u6975\u7684\u306a\u60aa\u7528\u3092\u8b66\u544a\n\nCISA \u3068 Microsoft \u306e\u8b66\u544a\u306b\u3088\u308b\u3068\u3001\u653b\u6483\u8005\u306f\u88ab\u5bb3\u8005\u306e\u30b7\u30b9\u30c6\u30e0\u304c\u653b\u6483\u8005\u306e\u30b5\u30fc\u30d0\u30fc\u306b\u8a8d\u8a3c\u3055\u305b\u308b\u3053\u3068\u306b\u3064\u306a\u304c\u308b\u30bc\u30ed\u30af\u30ea\u30c3\u30af Windows Shell \u30b9\u30d7\u30fc\u30d5\u30a3\u30f3\u30b0\u8106\u5f31\u6027\u3067\u3042\u308b CVE-2026-32202 \u3092\u60aa\u7528\u3057\u3066\u3044\u307e\u3059\u3002 CVE-2026-32202 \u306b\u3064\u3044\u3066 CVE-2026-32202 \u306f CVE", "creation_timestamp": "2026-04-29T10:46:04.672498Z"}, {"uuid": "ad2f5107-e4b2-41e4-8c03-9882f75719e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/nulj.bsky.social/post/3mkj3mdwf3p2e", "content": "", "creation_timestamp": "2026-04-27T22:11:31.251377Z"}, {"uuid": "de8bba29-82e9-4784-8bea-47cf21a48ed7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/helpnetsecurity.com/post/3mkmvkjlcds27", "content": "CISA, Microsoft warn of active exploitation of Windows Shell vulnerability (CVE-2026-32202)\n\n\ud83d\udcd6 Read more: www.helpnetsecurity.com/2026/04/29/w...\n\n#cybersecurity #cybersecuritynews #vulnerability #Windows #WindowsServer", "creation_timestamp": "2026-04-29T10:33:34.269650Z"}, {"uuid": "d6563a7b-0828-4eb3-9fc5-c832e64e2aca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-32202", "type": "seen", "source": "https://infosec.exchange/users/threatcodex/statuses/116478525307431969", "content": "", "creation_timestamp": "2026-04-27T20:20:49.105802Z"}, {"uuid": "67f89cc7-803c-4d2e-8800-8dbebab46a2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/nulj.bsky.social/post/3mkjavpzjmq2j", "content": "", "creation_timestamp": "2026-04-27T23:45:59.108331Z"}, {"uuid": "76bdc7b0-977d-4094-a264-9afce6df6014", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/nulj.bsky.social/post/3mkj42s2css2s", "content": "", "creation_timestamp": "2026-04-27T22:19:19.990268Z"}, {"uuid": "36bcbe2c-532e-4e39-be6a-65abb5957fff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mkdwuku2wy2z", "content": "", "creation_timestamp": "2026-04-25T21:03:17.302208Z"}, {"uuid": "2d867b5c-2e67-4c1b-8219-00ebccfa1e07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/nulj.bsky.social/post/3mkjba4xv2z23", "content": "", "creation_timestamp": "2026-04-27T23:51:48.569877Z"}, {"uuid": "bef008f3-1d74-4233-925f-3e260907c99e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/nulj.bsky.social/post/3mkjfndc3ub23", "content": "", "creation_timestamp": "2026-04-28T01:10:46.366962Z"}, {"uuid": "f5e82af5-7e52-4035-8b84-eadc0e442021", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mkn5r6q3sw2a", "content": "CISA mandates federal agencies to patch a Windows zero-click vulnerability CVE-2026-32202 by May 12 under BOD 22-01. The flaw connects to APT28 and follows an incomplete Microsoft fix for CVE-2026-21510. #CVE2026 #APT28 #USA", "creation_timestamp": "2026-04-29T13:00:24.386313Z"}, {"uuid": "4a2b66df-2769-4992-9041-1478ba10ccf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/samilaiho.com/post/3mkmxvjcydc27", "content": "Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202\nthehackernews.com/2026/04/micr...", "creation_timestamp": "2026-04-29T11:15:30.856319Z"}, {"uuid": "929aeb05-cf81-4f56-8f5c-99fe62676203", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/hendryadrian.bsky.social/post/3mkmxvm2bwn2d", "content": "CISA and Microsoft confirm active exploitation of CVE-2026-32202, a Windows Shell flaw causing automatic NTLM authentication leaks via malicious LNK icons. Linked to APT28 and incomplete patch fixes. #CVE202632202 #WindowsVulnerabilities #USA", "creation_timestamp": "2026-04-29T11:15:29.978999Z"}, {"uuid": "13bd9ea9-eb42-4be4-9858-764dbc384693", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/softfantw.eurosky.social/post/3mkjwztborc2v", "content": "", "creation_timestamp": "2026-04-28T06:21:59.396186Z"}, {"uuid": "378c6220-4ca9-4aa1-9548-47b575dd63e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mkjxf43qxky2", "content": "", "creation_timestamp": "2026-04-28T06:28:20.149246Z"}, {"uuid": "c5c7b006-3bfa-4688-9d13-27c10c3d90fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://thehackernews.com/2026/04/microsoft-confirms-active-exploitation.html", "content": "", "creation_timestamp": "2026-04-28T03:50:00.000000Z"}, {"uuid": "279c5211-f5fa-4aac-8714-ea64d8df4760", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mkjz4bnwqmy2", "content": "", "creation_timestamp": "2026-04-28T06:59:15.098379Z"}, {"uuid": "e0bbced8-3691-4560-a811-8b5ba4c63dc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3mkjzmdjso52m", "content": "", "creation_timestamp": "2026-04-28T07:08:07.912469Z"}, {"uuid": "79c5ea44-8c8d-4fc8-bde1-f0541345f492", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/6362878", "content": "", "creation_timestamp": "2026-04-28T19:43:20.754264Z"}, {"uuid": "b281c245-e9ba-48df-a227-4fa9ad44a90e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3mklezkhghy2z", "content": "", "creation_timestamp": "2026-04-28T20:05:01.838653Z"}, {"uuid": "587da0d8-a214-43f2-806d-51fd6542cc40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/cwealthsentinel.bsky.social/post/3mklfncedyb2b", "content": "", "creation_timestamp": "2026-04-28T20:16:05.202401Z"}, {"uuid": "66ab0e9a-64f3-41df-a5be-2ebd8bb53a87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/kaldata.bsky.social/post/3mkkrsnhh2k2z", "content": "", "creation_timestamp": "2026-04-28T14:21:09.878069Z"}, {"uuid": "0cd09444-0798-43bd-9c53-a8a37a6ee171", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://gist.github.com/agrajag9/7848d911eecc12863c758c3f737c5ec3", "content": "", "creation_timestamp": "2026-04-28T12:44:43.000000Z"}, {"uuid": "6f0ea458-bd6f-4136-a066-c922708f1605", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/nz-nb.bsky.social/post/3mkmmyr5uwd2s", "content": "Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202\n\nhttps://www.newsbeep.com/nz/402901/\n\nWhat happened Microsoft has revised its advisory for CVE-2026-32202, a Windows Shell spoofing vulnerability patched in April\u2019s Patch\u2026", "creation_timestamp": "2026-04-29T08:00:36.923868Z"}, {"uuid": "3a7970ef-4309-46e6-9a11-6e84a4d909df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkksxms4xk2c", "content": "", "creation_timestamp": "2026-04-28T14:41:50.443976Z"}, {"uuid": "bd1050eb-0ab8-4f75-a8d8-0792af03f59a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkksxmsiok2c", "content": "", "creation_timestamp": "2026-04-28T14:41:50.975732Z"}, {"uuid": "6066c751-8be6-4031-9528-818c42255b75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkksxmskn22c", "content": "", "creation_timestamp": "2026-04-28T14:41:52.015235Z"}, {"uuid": "4fa03894-7307-4e0a-bd28-bc0e5ab57a03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkksxmslmc2c", "content": "", "creation_timestamp": "2026-04-28T14:41:52.562145Z"}, {"uuid": "155e6698-31fb-4732-8f9f-75ac26fbc42a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkksxmslmd2c", "content": "", "creation_timestamp": "2026-04-28T14:41:53.114635Z"}, {"uuid": "51971af1-db0c-4b5d-aa8b-f7572289d6c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkksxmsjns2c", "content": "", "creation_timestamp": "2026-04-28T14:41:51.505264Z"}, {"uuid": "ada705f6-6b25-4d73-97da-bbf87311751b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkksxmsmll2c", "content": "", "creation_timestamp": "2026-04-28T14:41:53.636440Z"}, {"uuid": "0c61b331-3ed6-4c39-ab7a-d037d13d8bc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkksxmsmlm2c", "content": "", "creation_timestamp": "2026-04-28T14:41:54.199041Z"}, {"uuid": "6c282225-dc03-4682-bba2-b38658122505", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkksxmsmln2c", "content": "", "creation_timestamp": "2026-04-28T14:41:54.705093Z"}, {"uuid": "dcf9b21d-85bc-43a8-8baa-bb641a405c71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/systemcenterdudes.com/post/3mkl5lxd4hm2t", "content": "", "creation_timestamp": "2026-04-28T17:52:09.623749Z"}, {"uuid": "e67fd377-37f5-4cf1-aee7-c46c7bdbacaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/ninjaowl.ai/post/3mklonvookm2w", "content": "", "creation_timestamp": "2026-04-28T22:57:28.719649Z"}, {"uuid": "2f801032-2710-4d1b-b060-d444af0bf873", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://cyber.gc.ca/en/alerts-advisories/microsoft-security-advisory-april-2026-monthly-rollup-av26-352", "content": "", "creation_timestamp": "2026-04-28T10:39:01.000000Z"}, {"uuid": "2c42c452-d72e-4702-95d1-837d5337ac61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://gist.github.com/stone776/352084b56e7483a447a98ea4be839686", "content": "", "creation_timestamp": "2026-04-29T08:29:26.000000Z"}, {"uuid": "8d0d5388-0863-4999-9767-c81c2445d409", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/ehcgroup.bsky.social/post/3mkl2occb7c2g", "content": "", "creation_timestamp": "2026-04-28T16:59:48.673209Z"}, {"uuid": "a329d7f6-cc4a-4eac-b394-e056d3323816", "vulnerability_lookup_origin": "405284c2-e461-4670-8979-7fd2c9755a60", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2026-32202", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/fb193ad3-86de-4b69-906c-aed8cf08137f", "content": "", "creation_timestamp": "2026-04-28T18:00:01.978584Z"}, {"uuid": "a2dffc82-291b-4f01-91e4-4554ff968602", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://www.cert.dk/news/2026-04-29/Microsoft-bekraefter-aktiv-udnyttelse-af-Windows-Shell-saarbarhed", "content": "", "creation_timestamp": "2026-04-28T08:14:56.000000Z"}, {"uuid": "93a0d106-71cf-4006-980f-e78d027f9d74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/techstart.bsky.social/post/3mkmznbojgu25", "content": "CISA e Microsoft confirmam atividade envolvendo a CVE-2026-32202 no Windows Shell.\n\nA vulnerabilidade permite vazamento de credenciais atrav\u00e9s de conex\u00f5es SMB autom\u00e1ticas.", "creation_timestamp": "2026-04-29T11:46:38.392757Z"}, {"uuid": "8c22549a-50a2-4756-b875-ec24c37dfd25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/hacker.at.thenote.app/post/3mklww2bgw22d", "content": "", "creation_timestamp": "2026-04-29T01:25:12.219290Z"}, {"uuid": "ff7e92a6-8879-4e7f-9109-4de86576b200", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-32202", "type": "seen", "source": "https://bsky.app/profile/cyberveille-ch.bsky.social/post/3mkncs6pcr22k", "content": "\ud83d\udce2 CVE-2026-32202 : faille Windows Shell activement exploit\u00e9e, li\u00e9e \u00e0 APT28\n\ud83d\udcdd ## \ud83d\uddd3\ufe0f Contexte\n\nPubli\u00e9 le 28 avril 2026 par The Cyber Security Hub sur LinkedIn, cet article\u2026\nhttps://cyberveille.ch/posts/2026-04-29-cve-2026-32202-faille-windows-shell-activement-exploitee-liee-a-apt28/ #APT28 #Cyberveille", "creation_timestamp": "2026-04-29T14:30:26.540378Z"}, {"uuid": "5e41ecba-bd83-4f55-8243-f949e0d59374", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-32202", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mkmz4bpyq52h", "content": "\ud83d\udccc Active Exploitation of Zero-Click Windows Shell Spoofing Vulnerability CVE-2026-32202 https://www.cyberhub.blog/article/24951-active-exploitation-of-zero-click-windows-shell-spoofing-vulnerability-cve-2026-32202", "creation_timestamp": "2026-04-29T11:37:09.385303Z"}, {"uuid": "82a6f120-db18-4cdd-83a7-ce87abd9cf9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsoqd2r", "content": "3/ \u26a0\ufe0f CISA: Windows CVE-2026-32202 is actively exploited by Russia's APT28. Zero-click NTLM leak. Just opening a folder can expose credentials. Patch deadline: May 12.", "creation_timestamp": "2026-04-29T14:53:18.921997Z"}, {"uuid": "57be2eea-1a88-45e7-9d47-aeada9672805", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mknype64hf2m", "content": "CVE-2026-32202 has confirmed exploit code according to the following sources: cisa kev, vulncheck kev.", "creation_timestamp": "2026-04-29T21:02:34.545647Z"}, {"uuid": "c9d5c6dc-f0ad-4755-99a3-13a0f0b9b5e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mknfmqa67d2v", "content": "Critical 0-click vulnerability CVE-2026-32202 exploited by APT28 to bypass Windows Defender SmartScreen. Immediate patching recommended! #CyberSecurity #WindowsVulnerability #APT28 Link: thedailytechfeed.com/russian-apt2...", "creation_timestamp": "2026-04-29T15:21:06.573399Z"}, {"uuid": "e119eca5-32ae-4d37-9e4e-bd07125e0933", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/truthphoenix.bsky.social/post/3mkngj4mr522r", "content": "Windows zero-day CVE-2026-32202 confirmed as exploited\n\nwww.notebookcheck.net/Windows-zero...", "creation_timestamp": "2026-04-29T15:36:28.280002Z"}, {"uuid": "1d16dfb0-e097-4b15-a717-56e08ed741a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://infosec.exchange/users/AAKL/statuses/116489040501970504", "content": "Broadcom has a new advisory for a critical vulnerability:\nESM Microservice 15.0 Vulnerability in Apache Tomcat https://support.broadcom.com/web/ecx/security-advisory #Broadcom #ApacheTomCat ---\nCisco has tagged the Internet Systems Consortium and wolfSSL for zero-day reports https://talosintelligence.com/vulnerability_info @TalosSecurity #zeroday ---\nFrom yesterday:\nCISA added two vulnerabilities to the KEV catalogue:\n-  CVE-2026-32202: Microsoft Windows Protection Mechanism Failure Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-32202\n-  CVE-2024-1708: ConnectWise ScreenConnect Path Traversal Vulnerability https://www.cve.org/CVERecord?id=CVE-2024-1708 \n- Also, one industrial vulnerability https://www.cisa.gov/news-events/ics-advisories/icsa-26-118-01 #CISA #Microsoft #vulnerability #infosec", "creation_timestamp": "2026-04-29T16:54:57.785565Z"}, {"uuid": "ff1fc86d-c872-44a2-9ac6-8cb0e7e95b09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://www.cert.se/2026/04/cert-se-veckobrev-v18.html", "content": "", "creation_timestamp": "2026-04-30T03:15:00.000000Z"}, {"uuid": "72baccea-41e1-4e33-8430-f616bf901d21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://gist.github.com/stone776/a5ecb7cf46b544643a300a5546edc285", "content": "", "creation_timestamp": "2026-04-30T08:32:14.000000Z"}, {"uuid": "b1a44681-66dc-4c6e-9dd1-be37e84d684d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/infosecbriefly.bsky.social/post/3mkntg74bmf2s", "content": "Attackers exploit a zero-click Windows flaw, CVE-2026-32202, exposing sensitive information on vulnerable systems.\n", "creation_timestamp": "2026-04-29T19:27:58.206708Z"}, {"uuid": "68cf4e5c-209c-4344-8c6a-55af3d992050", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsqou2r", "content": "3/ \u26a0\ufe0f CISA: Windows CVE-2026-32202 is actively exploited by Russia's APT28. Zero-click NTLM leak. Just opening a folder can expose credentials. Patch deadline: May 12.", "creation_timestamp": "2026-04-29T14:53:22.195106Z"}, {"uuid": "ea522a98-6a53-49c8-9e87-7b94a931fd6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsmrs2r", "content": "3/ \u26a0\ufe0f CISA: Windows CVE-2026-32202 is actively exploited by Russia's APT28. Zero-click NTLM leak. Just opening a folder can expose credentials. Patch deadline: May 12.", "creation_timestamp": "2026-04-29T14:53:15.620705Z"}, {"uuid": "e36dc2e7-6a40-483d-b100-72c0fdbd4d90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsa3k2r", "content": "3/ \u26a0\ufe0f CISA: Windows CVE-2026-32202 is actively exploited by Russia's APT28. Zero-click NTLM leak. Just opening a folder can expose credentials. Patch deadline: May 12.", "creation_timestamp": "2026-04-29T14:53:14.534923Z"}, {"uuid": "ecc89be3-8c68-4745-a49b-e0392e97acab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsppl2r", "content": "3/ \u26a0\ufe0f CISA: Windows CVE-2026-32202 is actively exploited by Russia's APT28. Zero-click NTLM leak. Just opening a folder can expose credentials. Patch deadline: May 12.", "creation_timestamp": "2026-04-29T14:53:19.995237Z"}, {"uuid": "3cf47a45-cc1e-456f-8bbf-82992eda2387", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsnr22r", "content": "3/ \u26a0\ufe0f CISA: Windows CVE-2026-32202 is actively exploited by Russia's APT28. Zero-click NTLM leak. Just opening a folder can expose credentials. Patch deadline: May 12.", "creation_timestamp": "2026-04-29T14:53:16.744816Z"}, {"uuid": "6428223c-79f3-482a-9d86-3e5672bed1d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsoqc2r", "content": "3/ \u26a0\ufe0f CISA: Windows CVE-2026-32202 is actively exploited by Russia's APT28. Zero-click NTLM leak. Just opening a folder can expose credentials. Patch deadline: May 12.", "creation_timestamp": "2026-04-29T14:53:17.914676Z"}, {"uuid": "f0103b6a-d6c8-4457-847c-5d5e35e8b315", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsro42r", "content": "3/ \u26a0\ufe0f CISA: Windows CVE-2026-32202 is actively exploited by Russia's APT28. Zero-click NTLM leak. Just opening a folder can expose credentials. Patch deadline: May 12.", "creation_timestamp": "2026-04-29T14:53:23.290441Z"}, {"uuid": "2460d411-ba8e-44a6-b207-4b0e59a5532c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkne2wsqot2r", "content": "3/ \u26a0\ufe0f CISA: Windows CVE-2026-32202 is actively exploited by Russia's APT28. Zero-click NTLM leak. Just opening a folder can expose credentials. Patch deadline: May 12.", "creation_timestamp": "2026-04-29T14:53:21.016855Z"}, {"uuid": "b278cefe-9bee-408d-b2e3-6ee063ed21fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sctocs.bsky.social/post/3mknq7fet4s2t", "content": "CVE-2026-32202 is now actively exploited in the wild, according to Microsoft.\n\nThe Windows Shell flaw enables spoofing attacks and can expose NTLM hashes through automatic SMB authentication, creating a pathway for credential theft.\n\n sctocs.com/windows-shel...", "creation_timestamp": "2026-04-29T18:30:43.257572Z"}, {"uuid": "2294b7c5-95e5-43f5-a8c9-3cb000d55479", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/lordman1982.bsky.social/post/3mknrw7npix2w", "content": "Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202\nthehackernews.com/2026/04/micr...", "creation_timestamp": "2026-04-29T19:01:08.188611Z"}, {"uuid": "be39d162-20d0-4d2b-9fbc-0b8d732347b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mkoelejavx2n", "content": "CISA\u304c\u65e2\u77e5\u306e\u60aa\u7528\u3055\u308c\u305f\u8106\u5f31\u60272\u4ef6\u3092\u30ab\u30bf\u30ed\u30b0\u306b\u8ffd\u52a0 \n\nCISA Adds Two Known Exploited Vulnerabilities to Catalog  #CISA (Apr 28)\n\nCVE-2024-1708  ConnectWise ScreenConnect \u30d1\u30b9\u30c8\u30e9\u30d0\u30fc\u30b5\u30eb\u8106\u5f31\u6027\nCVE-2026-32202  Microsoft Windows\u4fdd\u8b77\u30e1\u30ab\u30cb\u30ba\u30e0\u306e\u4e0d\u5177\u5408\u306e\u8106\u5f31\u6027 \n\nwww.cisa.gov/news-events/...", "creation_timestamp": "2026-04-30T00:35:05.374901Z"}, {"uuid": "f781e6cc-3e4e-42ee-922e-fa48d2d188ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/crustytldr.bsky.social/post/3mko47gog7527", "content": "\ud83d\udd12 CVE-2026-32202: Windows Shell Spoofing Vulnerability\n\nA Windows Shell spoofing vulnerability has been identified and tracked as CVE-2026-32202. This security flaw impacts the Windows oper...\n\nhttps://is.gd/fXSbjK #CyberSecurity #InfoSec #CrustyTLDR", "creation_timestamp": "2026-04-29T22:05:14.720040Z"}, {"uuid": "6882cd38-dd5c-4c91-bf48-b001a6cf5770", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/kitafox.bsky.social/post/3mkoevr4dyq2e", "content": "CISA\u3068\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u306f\u3001Windows\u30b7\u30a7\u30eb\u8106\u5f31\u6027\uff08CVE-2026-32202\uff09\u306e\u60aa\u7528\u304c\u6d3b\u767a\u306b\u884c\u308f\u308c\u3066\u3044\u308b\u3068\u8b66\u544a\u3057\u305f \n\nCISA, Microsoft warn of active exploitation of Windows Shell vulnerability (CVE-2026-32202)  #HelpNetSecurity (Apr 29)\n\nwww.helpnetsecurity.com/2026/04/29/w...", "creation_timestamp": "2026-04-30T00:40:53.765180Z"}, {"uuid": "71fb3f6d-9572-4d7a-ba4d-f97ea90045a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwy6yc2q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:13:02.549931Z"}, {"uuid": "6d9e0c45-3116-440f-a21c-995125e2d0e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwy7xk2q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:13:04.430249Z"}, {"uuid": "9c1b929e-35fd-4ec3-ac1c-badd41435030", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwybw32q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:13:07.958589Z"}, {"uuid": "d2810366-0fde-4bba-939c-529d9b5c9594", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwyetu2q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:13:11.436499Z"}, {"uuid": "66f8242b-7cce-4c6d-81cf-78d4fd365370", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwybw22q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:13:06.106085Z"}, {"uuid": "74207d65-44eb-4edb-b6ba-a747a7080dee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwybw42q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:13:09.783000Z"}, {"uuid": "62a45243-0215-479d-8510-835739549570", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3mkqv5pvylh2v", "content": "[RSS] A Shortcut to Coercion: Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202\n\n\n www.akamai.com -&gt; \n\n\nOriginal-&gt;", "creation_timestamp": "2026-05-01T00:37:00.267177Z"}, {"uuid": "424ad12e-3deb-44f7-8d5a-c24a5bfbed9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3mkr46gbkis2e", "content": "CISA Adds Two Known Exploited Vulnerabilities to Catalog\nRelease Date April 28, 2026\n\nCVE-2024-1708 ConnectWise ScreenConnect Path Traversal Vulnerability\nCVE-2026-32202 Microsoft Windows Protection Mechanism Failure Vulnerability", "creation_timestamp": "2026-05-01T02:42:40.468838Z"}, {"uuid": "3c8cf9fc-98d4-41ff-b0c8-edf0b6040a72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwxrcs2q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:12:55.543790Z"}, {"uuid": "96bcf239-d36b-4a75-bef1-527cfd8e7e1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwy33c2q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:12:57.276304Z"}, {"uuid": "65c11810-d222-4636-84c4-7759006d58d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwy42k2q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:12:59.183142Z"}, {"uuid": "cd6d9f2a-94f5-45a8-a9e8-51ee899c1cc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/sergioiker.bsky.social/post/3mkpvmwy4zs2q", "content": "2/ \u26a0\ufe0f CISA added Windows CVE-2026-32202 to its KEV catalog. Zero-click NTLM hash leak. Navigate to a folder with a bad file = credentials stolen. Federal deadline: May 12. Don't wait.", "creation_timestamp": "2026-04-30T15:13:00.862942Z"}, {"uuid": "e07f02d9-94bf-48c0-9065-d41eb81fecc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-32202", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mks224uocf2q", "content": "\ud83d\udccc Microsoft Confirms Active Exploitation of CVE-2026-32202 Credential Theft Vulnerability in Windows https://www.cyberhub.blog/article/25150-microsoft-confirms-active-exploitation-of-cve-2026-32202-credential-theft-vulnerability-in-windows", "creation_timestamp": "2026-05-01T11:37:09.286294Z"}, {"uuid": "d6b14737-f170-416b-8398-8501e737fb38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://t.me/itarmyofrussianews/377", "content": "CVE-2026-21510\n\n\u0421\u043f\u0435\u0446\u0438\u0430\u043b\u0438\u0441\u0442\u044b Akamai \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438, \u0447\u0442\u043e \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e \u043a\u0430\u043a \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-21510 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 Windows, \u0432 \u043d\u0435\u0439 \u0441\u043e\u0445\u0440\u0430\u043d\u0438\u043b\u0441\u044f \u0441\u043a\u0440\u044b\u0442\u044b\u0439 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440 \u0436\u0435\u0440\u0442\u0432\u044b \u0441\u0430\u043c \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0442\u044c\u0441\u044f \u043a \u0441\u0435\u0440\u0432\u0435\u0440\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430. \u041d\u043e\u0432\u044b\u0439 \u0434\u0435\u0444\u0435\u043a\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u043b \u043d\u043e\u043c\u0435\u0440 CVE-2026-32202. \u0410\u0442\u0430\u043a\u0430 \u043d\u0435 \u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439 \u0441\u043e \u0441\u0442\u043e\u0440\u043e\u043d\u044b \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f. \u0414\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u043f\u0430\u043f\u043a\u0443 \u0441 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u0444\u0430\u0439\u043b\u043e\u043c.\n\n\u0423\u0441\u0442\u0440\u0430\u043d\u0438\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 APT28(FancyBear), \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0437\u0430\u043a\u0440\u044b\u043b\u0438 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430, \u043d\u043e \u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u0434\u0440\u0443\u0433\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0443\u044e \u0432\u044b\u043c\u0430\u043d\u0438\u0432\u0430\u0442\u044c \u0443\u0447\u0451\u0442\u043d\u044b\u0435 \u0434\u0430\u043d\u043d\u044b\u0435 \u0431\u0435\u0437 \u0435\u0434\u0438\u043d\u043e\u0433\u043e \u043a\u043b\u0438\u043a\u0430.\n\n\u041a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u0442 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 Fancy Bear, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0432 \u043a\u043e\u043d\u0446\u0435 2025 \u0433\u043e\u0434\u0430 \u0430\u0442\u0430\u043a\u043e\u0432\u0430\u043b\u0430 \u0440\u044f\u0434 \u0441\u0442\u0440\u0430\u043d \u0432 \u0415\u0432\u0440\u043e\u043f\u0435, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044f \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043f\u043e\u0434\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u044f\u0440\u043b\u044b\u043a\u0438 Windows. \u0422\u0430\u043a\u0438\u0435 \u0444\u0430\u0439\u043b\u044b \u0441 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435\u043c LNK \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u043b\u0438 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043a\u043b\u044e\u0447\u0430\u044f CVE-2026-21513 \u0438 CVE-2026-21510. \u0427\u0435\u0440\u0435\u0437 \u043d\u0438\u0445 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043e\u0431\u0445\u043e\u0434\u0438\u043b\u0438 \u0437\u0430\u0449\u0438\u0442\u0443 \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u043b\u0438 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043a\u043e\u0434 \u0441 \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430.\n\n\u0414\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043f\u0440\u043e\u0441\u0442\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u043f\u0430\u043f\u043a\u0443 \u0441 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u044f\u0440\u043b\u044b\u043a\u043e\u043c, \u0447\u0442\u043e\u0431\u044b \u043f\u0440\u043e\u0432\u043e\u0434\u043d\u0438\u043a \u043f\u043e\u043f\u044b\u0442\u0430\u043b\u0441\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0435\u0433\u043e \u0437\u043d\u0430\u0447\u043e\u043a. \u0412 \u044d\u0442\u043e\u0442 \u043c\u043e\u043c\u0435\u043d\u0442 Windows \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u043a \u0443\u0434\u0430\u043b\u0451\u043d\u043d\u043e\u043c\u0443.\n\n\u041d\u0430\u0448\u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u044b: \n\u041a\u0430\u043d\u0430\u043b \u0444\u043e\u0440\u0443\u043c\u0430: T.ME/XSSF_FORUM\n\u041d\u0430\u0448 \u043a\u0430\u043d\u0430\u043b: T.ME/ITARMYOFRUSSIANEWS", "creation_timestamp": "2026-05-02T11:29:59.000000Z"}, {"uuid": "15a098b6-fba3-4c3b-8772-60d4e7e22dbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3mkz43caize2t", "content": "[RSS] A Shortcut to Coercion: Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202\n\n\n www.akamai.com -&gt; \n\n\nOriginal-&gt;", "creation_timestamp": "2026-05-04T07:02:12.982888Z"}, {"uuid": "c942066a-ad1e-4662-8048-ce5364165df1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://t.me/kasperskyb2b/2158", "content": "\ud83d\udc40 \u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u044b\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f APT \u0438 \u043d\u043e\u0432\u043e\u0441\u0442\u0438 \u0418\u0411 \u0437\u0430 \u043d\u0435\u0434\u0435\u043b\u044e\n\n\ud83d\udfe2\u0412 \u0430\u0442\u0430\u043a\u0430\u0445 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 Silver Fox \u043d\u0430 \u043e\u0440\u0433\u0430\u043d\u0437\u0438\u0430\u0446\u0438\u0438 \u0432 \u0420\u0424 \u0438 \u0432 \u0418\u043d\u0434\u0438\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u043d\u043e\u0432\u044b\u0439 \u0431\u044d\u043a\u0434\u043e\u0440 ABCDoor. \u0420\u0435\u0442\u0440\u043e\u0441\u043f\u0435\u043a\u0442\u0438\u0432\u043d\u044b\u0439 \u0430\u043d\u0430\u043b\u0438\u0437 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c 7 \u0432\u0435\u0440\u0441\u0438\u0439 \u0412\u041f\u041e, \u043f\u0435\u0440\u0432\u0430\u044f \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0434\u0430\u0442\u0438\u0440\u0443\u0435\u0442\u0441\u044f \u0430\u0436 2024 \u0433\u043e\u0434\u043e\u043c, \u043d\u043e \u0440\u0430\u0437\u0432\u0438\u0442\u0438\u0435 \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442\u0441\u044f \u043f\u043e \u0441\u0435\u0439 \u0434\u0435\u043d\u044c. \u041d\u0430\u0447\u0438\u043d\u0430\u044e\u0442\u0441\u044f \u0430\u0442\u0430\u043a\u0438 \u0441 \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0444\u0438\u0448\u0438\u043d\u0433\u0430 \u043d\u0430\u043b\u043e\u0433\u043e\u0432\u043e\u0439 \u0442\u0435\u043c\u0430\u0442\u0438\u043a\u0438. \n\n\ud83d\udfe3\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u044b\u0439 \u0440\u0430\u0437\u0431\u043e\u0440 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2026-31431 (CopyFail), \u0443\u0433\u0440\u043e\u0436\u0430\u044e\u0449\u0435\u0439 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0443 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u044b\u0445 \u0441\u0431\u043e\u0440\u043e\u043a Linux. \u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u0430 \u0443\u0433\u0440\u043e\u0437\u0430 \u0434\u043b\u044f \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u043d\u044b\u0445 \u0441\u0440\u0435\u0434:  Docker, LXC \u0438 Kubernetes.\n\n\ud83d\udd35\u0412 \u043c\u0435\u043d\u0435\u0434\u0436\u0435\u0440\u0435 \u043f\u0430\u043a\u0435\u0442\u043e\u0432 npm \u0431\u0443\u0448\u0443\u0435\u0442 \u044d\u043f\u0438\u0434\u0435\u043c\u0438\u044f Mini Shai-Hulud: \u0447\u0435\u0440\u0432\u044c \u043f\u043e\u0440\u0430\u0437\u0438\u043b \u043f\u0430\u043a\u0435\u0442\u044b SAP \u0438 intercom. \u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e \u0442\u0435 \u0436\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043f\u0430\u043a\u0435\u0442\u044b lightning \u0432 PyPi. TTPs \u043f\u043e\u0445\u043e\u0436\u0438 \u043d\u0430 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0443 TeamPCP.\n\n\ud83d\udfe3\u0413\u0440\u0443\u043f\u043f\u0430 HeartlessSoul, \u0437\u0430\u043c\u0435\u0447\u0435\u043d\u043d\u0430\u044f \u043e\u0441\u0435\u043d\u044c\u044e 2025 \u0433\u043e\u0434\u0430, \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0430\u0432\u0438\u0430\u0446\u0438\u043e\u043d\u043d\u0443\u044e \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u043e\u0441\u0442\u044c \u0438 \u0432 \u0447\u0438\u0441\u043b\u0435 \u043f\u043e\u0445\u0438\u0449\u0430\u0435\u043c\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0434\u0435\u043b\u0430\u0435\u0442 \u043e\u0441\u043e\u0431\u044b\u0439 \u0430\u043a\u0446\u0435\u043d\u0442 \u043d\u0430 \u0444\u0430\u0439\u043b\u044b \u0433\u0435\u043e\u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c. \u041f\u0440\u0438\u043c\u0435\u0447\u0430\u0442\u0435\u043b\u0435\u043d \u043f\u043e\u0434\u0445\u043e\u0434 \u043a \u0442\u0430\u0440\u0433\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044e: \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 \u0440\u0435\u043a\u043b\u0430\u043c\u0438\u0440\u0443\u0435\u0442 \u0441\u0430\u0439\u0442\u044b-\u0444\u0430\u043b\u044c\u0448\u0438\u0432\u043a\u0438 \u0441 \u0442\u0440\u043e\u044f\u043d\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u041f\u041e \u0434\u043b\u044f \u0430\u0432\u0438\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\ud83d\udfe3\u0412\u044b\u043c\u043e\u0433\u0430\u0442\u0435\u043b\u0438 \u0442\u043e\u0436\u0435 \u0432\u043e\u043b\u043d\u0443\u044e\u0442\u0441\u044f \u043e \u043f\u043e\u0441\u0442\u043a\u0432\u0430\u043d\u0442\u043e\u0432\u043e\u0439 \u043a\u0440\u0438\u043f\u0442\u043e\u0433\u0440\u0430\u0444\u0438\u0438 \u2014 \u043d\u043e\u0432\u044b\u0439 \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043b\u044c\u0449\u0438\u043a Kyber \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0432 \u0441\u0432\u043e\u0435\u0439 \u0440\u0430\u0431\u043e\u0442\u0435 \u0433\u0438\u0431\u0440\u0438\u0434\u043d\u044b\u0439 \u0430\u043b\u0433\u043e\u0440\u0438\u0442\u043c \u0441 \u041f\u041a\u0428.\n\n\ud83d\udd35\u041e\u0433\u0440\u043e\u043c\u043d\u044b\u0439 150-\u0441\u0442\u0440\u0430\u043d\u0438\u0447\u043d\u044b\u0439 \u043e\u0442\u0447\u0435\u0442 \u043e \u0441\u043b\u043e\u0436\u043d\u043e\u043c \u0412\u041f\u041e EasterBunny (pdf) \u0438 TTPs APT29/DarkHalo, \u0435\u0433\u043e \u043f\u0440\u0438\u043c\u0435\u043d\u044f\u044e\u0449\u0435\u0439. \u0421\u0440\u0435\u0434\u0438 \u043b\u044e\u0431\u043e\u043f\u044b\u0442\u043d\u044b\u0445 \u0434\u0435\u0442\u0430\u043b\u0435\u0439 \u2014 \u0436\u0451\u0441\u0442\u043a\u0430\u044f \u043f\u0440\u0438\u0432\u044f\u0437\u043a\u0430 \u0438\u043c\u043f\u043b\u0430\u043d\u0442\u0430 \u043a \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0443, \u043d\u0430 \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u043d \u043d\u0430\u0446\u0435\u043b\u0435\u043d, \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0445 \u043c\u0430\u0448\u0438\u043d\u0430\u0445 \u043f\u0440\u043e\u0441\u0442\u043e \u043d\u0435 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u0441\u044f.\n\n\ud83d\udfe3\u041d\u043e\u0432\u044b\u0435 \u0440\u0430\u0437\u043d\u043e\u0432\u0438\u0434\u043d\u043e\u0441\u0442\u0438 ClickFix: \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043a\u043e\u043c\u0430\u043d\u0434 cmdkey \u0438 regsvr32 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0412\u041f\u041e.\n\n\ud83d\udd35\u0417\u0430\u043a\u0440\u044b\u0442\u0430\u044f \u0432 \u0430\u043f\u0440\u0435\u043b\u044c\u0441\u043a\u043e\u043c Patch Tuesday CVE-2026-32202, \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0430\u044f \u043a \u0443\u0442\u0435\u0447\u043a\u0435 \u0445\u044d\u0448\u0435\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u0442\u0435\u043f\u0435\u0440\u044c \u043f\u043e\u043c\u0435\u0447\u0435\u043d\u0430 \u043a\u0430\u043a \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u0430\u044f. \u0414\u0435\u0444\u0435\u043a\u0442 \u0432\u043e\u0437\u043d\u0438\u043a \u0438\u0437-\u0437\u0430 \u043d\u0435\u043f\u043e\u043b\u043d\u043e\u0433\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u0444\u0435\u0432\u0440\u0430\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0437\u0438\u0440\u043e\u0434\u0435\u044f CVE-2026-21510.\n\n\ud83d\udfe3\u0418\u043d\u0442\u0435\u0440\u0435\u0441\u043d\u0430\u044f \u0438\u0441\u0442\u043e\u0440\u0438\u044f \u2014 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 \u043f\u043b\u0430\u0433\u0438\u043d \u0434\u043b\u044f WordPress \u0431\u044b\u043b \u0438\u0437\u0433\u043e\u0442\u043e\u0432\u043b\u0435\u043d \u0438\u0437 \u043b\u0435\u0433\u0438\u0442\u0438\u043c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0435\u0449\u0435 \u0432 2020 \u0433\u043e\u0434\u0443, \u043d\u043e \u043e\u0431\u0437\u0430\u0432\u0451\u043b\u0441\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u043e\u043d\u0430\u043b\u044c\u043d\u043e\u0441\u0442\u044c\u044e \u0442\u043e\u043b\u044c\u043a\u043e \u0432 2026. \n\n\ud83d\udd35\u0420\u0430\u0437\u0431\u043e\u0440 \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u0439 \u0433\u043b\u043e\u0431\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u043f\u0430\u043c-\u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u0441 \u0440\u0430\u0441\u0441\u044b\u043b\u043a\u043e\u0439 \u0444\u0430\u043b\u044c\u0448\u0438\u0432\u044b\u0445 SMS \u043e\u0431 \u043e\u043f\u043b\u0430\u0442\u0435 \u0434\u043e\u0440\u043e\u0436\u043d\u044b\u0445 \u043f\u043e\u0448\u043b\u0438\u043d \u0438 \u0448\u0442\u0440\u0430\u0444\u043e\u0432. \u0412 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0436\u0435\u0440\u0442\u0432 \u0437\u0430\u043c\u0430\u043d\u0438\u0432\u0430\u044e\u0442 \u043d\u0430 \u0444\u0430\u043b\u044c\u0448\u0438\u0432\u044b\u0435 \u043f\u043b\u0430\u0442\u0451\u0436\u043d\u044b\u0435 \u0441\u0430\u0439\u0442\u044b \u0438 \u0441\u0430\u0439\u0442\u044b, \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0435 \u0412\u041f\u041e.\n\n\ud83d\udfe2\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2026-41940 \u0432 \u043f\u0430\u043d\u0435\u043b\u044f\u0445 cPanel \u0438 WHM, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0430\u0434\u043c\u0438\u043d\u0441\u043a\u0438\u0435 \u043f\u0440\u0430\u0432\u0430 \u0431\u0435\u0437 \u0432\u0441\u044f\u043a\u043e\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0435\u0449\u0451 \u0434\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f. \u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u043e\u0441\u0442\u044c cPanel, \u044d\u0442\u043e \u0432\u0435\u0441\u044c\u043c\u0430 \u0441\u0435\u0440\u044c\u0451\u0437\u043d\u043e \u2014 \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c\u0441\u044f \u043d\u0443\u0436\u043d\u043e \u0432 \u0441\u0440\u043e\u0447\u043d\u043e\u043c \u043f\u043e\u0440\u044f\u0434\u043a\u0435. \n\n\ud83d\udfe3\u041d\u0435\u043e\u0436\u0438\u0434\u0430\u043d\u043d\u043e\u0435 \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 \u0433\u0435\u043e\u0433\u0440\u0430\u0444\u0438\u0438 \u0441\u043a\u0430\u043c-\u0446\u0435\u043d\u0442\u0440\u043e\u0432 (\u0438 \u0431\u043e\u0440\u044c\u0431\u044b \u0441 \u043d\u0438\u043c\u0438) \u2014 \u0434\u0435\u0432\u044f\u0442\u044c \u043c\u043e\u0448\u0435\u043d\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u043e\u0444\u0438\u0441\u043e\u0432 \u0437\u0430\u043a\u0440\u044b\u043b\u0438 \u0432 \u0414\u0443\u0431\u0430\u0435.\n\n#\u0434\u0430\u0439\u0434\u0436\u0435\u0441\u0442 #APT @\u041f2\u0422", "creation_timestamp": "2026-05-04T09:44:28.000000Z"}, {"uuid": "01444aff-02d3-44da-b912-cfc5437f8aec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-32202", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3ml5su4t3d624", "content": "CISA warns of active exploitation of Windows Shell zero-day vulnerability CVE-2026-32202. Organizations urged to apply patches immediately. #CyberSecurity #WindowsVulnerability #CISAAlert Link: thedailytechfeed.com/critical-zer...", "creation_timestamp": "2026-05-06T04:00:27.690016Z"}]}