The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has warned federal agencies to patch their Windows systems against a flaw exploited in zero-day attacks.
CVE-2026-32202 is a vulnerability discovered by the cybersecurity company Akamai, which describes it as a zero-click NTLM hash leak that remains because Microsoft's February patch for a remote code execution flaw (CVE-2026-21510) was incomplete.
CERT-UA found that the Russian APT28 group (also tracked as UAC-0001 and Fancy Bear) exploited CVE-2026-21510 in attacks on Ukraine and EU countries in December 2025, as part of a campaign that also abused a flaw in LNK files (CVE-2026-21513).
According to Microsoft, remote attackers who successfully exploit CVE-2026-32202 in low-complexity attacks, by sending “the victim a malicious file that the victim would have to execute,” could “view some sensitive information” on unpatched systems.
In a report published on Thursday, Akamai said the flaw can be abused to capture NTLM hashes (hashed credentials) for use in pass-the-hash attacks. With those hashes, an attacker can impersonate the user, move laterally through the network, or exfiltrate sensitive data.
Feds ordered to patch by May 12
On Tuesday, CISA added CVE-2026-32202 to its Known Exploited Vulnerabilities (KEV) catalog and ordered Federal Civilian Executive Branch (FCEB) agencies to patch their Windows workstations and servers within two weeks, by May 12, as required by Binding Operational Directive (BOD) 22-01.
“This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise,” the cybersecurity agency warned.
“Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.”
To keep systems safe, security admins should:
- Apply all available mitigations and patches strictly in accordance with Microsoft’s official vendor instructions
- Review and follow the applicable BOD 22-01 guidance if the organization uses connected cloud services
- Discontinue use of the affected product entirely if official mitigations are unavailable or cannot be deployed
- Monitor network and authentication logs for unusual spoofing attempts and suspicious NTLM authentication requests
Patching immediately is the single most effective defense against this actively exploited zero-day. Delaying these updates leaves networks exposed to spoofing attacks and serious data breaches.
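The monitoring step above is the one admins most often leave vague, so the following is an added example (not code from the article, Akamai, Microsoft or CISA) of what "suspicious authentication requests" can mean in practice for an NTLM hash leak. It applies two generic rules to constructed event records: a host initiating an SMB (TCP 445) connection to an address outside the organization, which is the classic zero-click NTLM leak path, and an inbound NTLM network logon (Security event 4624, logon type 3) arriving from an external address, which is how relayed or replayed NTLM material typically shows up on a server. The field names follow Sysmon Event ID 3 and Windows Security Event ID 4624; the sample records and the internal address ranges are assumptions for this example and must be replaced with your own.

```python
"""Flag log events consistent with an NTLM credential leak or relay.

Added example, not the article's or any vendor's code. Rules are generic:
  1. outbound SMB (TCP 445) from a host to a non-internal address
     (Sysmon Event ID 3, Initiated=True);
  2. inbound NTLM network logon (Security Event ID 4624, LogonType 3,
     AuthenticationPackageName NTLM) from a non-internal source address.
"""
import ipaddress

# Assumption: the organization's own address space. Replace with real ranges.
INTERNAL_NETS = [
    ipaddress.ip_network("10.0.0.0/8"),
    ipaddress.ip_network("172.16.0.0/12"),
    ipaddress.ip_network("192.168.0.0/16"),
]


def is_internal(addr):
    """True for loopback, link-local and any address inside INTERNAL_NETS."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:          # "-", hostnames, garbage: treat as external
        return False
    if ip.is_loopback or ip.is_link_local:
        return True
    return any(ip in net for net in INTERNAL_NETS)


def check_outbound_smb(event):
    """Rule 1: a client initiating SMB to a host outside the organization."""
    if event.get("Provider") != "Microsoft-Windows-Sysmon" or event.get("EventID") != 3:
        return None
    if not event.get("Initiated") or event.get("DestinationPort") != 445:
        return None
    if is_internal(event.get("DestinationIp", "")):
        return None
    return {
        "rule": "outbound_smb_to_external",
        "host": event.get("Computer"),
        "image": event.get("Image"),
        "dst": event.get("DestinationIp"),
    }


def check_inbound_ntlm(event):
    """Rule 2: NTLM network logon presented from a non-internal source."""
    if (event.get("Provider") != "Microsoft-Windows-Security-Auditing"
            or event.get("EventID") != 4624):
        return None
    if event.get("LogonType") != 3 or event.get("AuthenticationPackageName") != "NTLM":
        return None
    src = event.get("IpAddress", "-")
    if src == "-" or is_internal(src):
        return None
    return {
        "rule": "external_ntlm_logon",
        "host": event.get("Computer"),
        "user": event.get("TargetUserName"),
        "workstation": event.get("WorkstationName"),
        "src": src,
    }


def scan(events):
    """Run every rule over every event; return the alerts in event order."""
    alerts = []
    for ev in events:
        for rule in (check_outbound_smb, check_inbound_ntlm):
            hit = rule(ev)
            if hit:
                alerts.append(hit)
    return alerts


# Constructed sample events (not real telemetry). Booleans and ints are used
# where the raw XML would carry strings such as "true" or "445".
SAMPLE_EVENTS = [
    # Workstation reaches out to a public SMB server right after opening a file: flag.
    {"Provider": "Microsoft-Windows-Sysmon", "EventID": 3, "Computer": "WS-042",
     "Image": r"C:\Windows\explorer.exe", "Initiated": True,
     "DestinationIp": "203.0.113.45", "DestinationPort": 445},
    # Same workstation talking to the internal file server: normal.
    {"Provider": "Microsoft-Windows-Sysmon", "EventID": 3, "Computer": "WS-042",
     "Image": r"C:\Windows\explorer.exe", "Initiated": True,
     "DestinationIp": "10.20.30.5", "DestinationPort": 445},
    # HTTPS to the same public host: not covered by rule 1 as written.
    {"Provider": "Microsoft-Windows-Sysmon", "EventID": 3, "Computer": "WS-042",
     "Image": r"C:\Windows\explorer.exe", "Initiated": True,
     "DestinationIp": "203.0.113.45", "DestinationPort": 443},
    # NTLM network logon for jdoe arriving at a server from a public address: flag.
    {"Provider": "Microsoft-Windows-Security-Auditing", "EventID": 4624,
     "Computer": "FS-01", "LogonType": 3, "AuthenticationPackageName": "NTLM",
     "LmPackageName": "NTLM V2", "TargetUserName": "jdoe",
     "WorkstationName": "WS-042", "IpAddress": "198.51.100.7"},
    # NTLM network logon from an internal client: normal.
    {"Provider": "Microsoft-Windows-Security-Auditing", "EventID": 4624,
     "Computer": "FS-01", "LogonType": 3, "AuthenticationPackageName": "NTLM",
     "LmPackageName": "NTLM V2", "TargetUserName": "jdoe",
     "WorkstationName": "WS-042", "IpAddress": "10.20.30.40"},
    # Interactive Kerberos logon: not NTLM, not a network logon.
    {"Provider": "Microsoft-Windows-Security-Auditing", "EventID": 4624,
     "Computer": "WS-042", "LogonType": 2, "AuthenticationPackageName": "Kerberos",
     "TargetUserName": "jdoe", "WorkstationName": "WS-042", "IpAddress": "-"},
]

if __name__ == "__main__":
    for alert in scan(SAMPLE_EVENTS):
        print(alert)
```

Two caveats for real deployments: rule 1 only watches port 445, while the Windows WebDAV client can present NTLM over HTTP as well, so extend the port list if WebDAV is enabled; and an NTLM logon from an internal source with a workstation name that does not match the source address is also worth an alert, since relays usually come from inside the network. Blocking outbound TCP 445 at the perimeter, a long-standing generic hardening step, stops the leak path the first rule detects, but it is not a substitute for the vendor patch.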
InfoSecBulletin Cybersecurity for mankind
