The Hacker News

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202

CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.
Windows Report

CISA Orders Urgent Patch for Actively Exploited Windows Shell Vulnerability

CISA orders urgent patching of a Windows Shell flaw actively exploited in zero-click attacks. Federal agencies must update by ...
SecurityWeek

Incomplete Windows Patch Opens Door to Zero-Click Attacks

Incomplete patch for a Windows SmartScreen and Windows Shell security prompts bypass created a new bug enabling zero-click ...
PCQuest

Microsoft warns Windows Shell flaw is being exploited to expose credentials

Microsoft’s Windows Shell flaw CVE-2026-32202 is under attack. See how one shortcut file can expose NTLM credentials and ...

Windows Shell vulnerability is being attacked

In February, Microsoft closed a Windows Shell vulnerability, but incompletely. Attacks have now been discovered. A patch ...

CISA Warning: Attacks on ConnectWise ScreenConnect and Windows Shell

The US cybersecurity agency CISA warns of observed attacks on the Windows Shell and ConnectWise ScreenConnect.