undefined | Dark Hacker News

1 points by farathshba 59 days ago

farathshba 59 days ago |

Interlock ransomware was inside firewall management consoles since January 26. Cisco didn't patch until March 4. No credentials required — unauthenticated Java deserialization, code execution as root, full control of every managed firewall device. Also in this fortnight: Ivanti EPMM RCE (again), an Azure MCP SSRF that leaks managed identity tokens, and a 2019 Log4j CVE that just got its first SAP patch in 2026.

farathshba 59 days ago |

Interlock ransomware was inside firewall management consoles since January 26. Cisco didn't patch until March 4. No credentials required — unauthenticated Java deserialization, code execution as root, full control of every managed firewall device. Also in this fortnight: Ivanti EPMM RCE (again), an Azure MCP SSRF that leaks managed identity tokens, and a 2019 Log4j CVE that just got its first SAP patch in 2026.