Cisco FMC Zero-Day CVE-2026-20131 Exploited by Interlock Ransomware: What Network Security Engineers Must Do Now

CVE-2026-20131 is a CVSS 10.0 critical vulnerability in Cisco Secure Firewall Management Center (FMC) that allows unauthenticated remote attackers to execute arbitrary code as root through an insecure deserialization flaw in the web management interface. The Interlock ransomware group exploited it as a zero-day for 36 days before Cisco disclosed and patched it on March 4, 2026. If you run FMC to manage your FTD firewalls, stop reading and patch now — then come back. ...

March 21, 2026 · 12:40 AM MST · Security

Google's 2025 Zero-Day Report: Half of All Exploited Vulnerabilities Targeted Enterprise Networks

Google’s Threat Intelligence Group (GTIG) tracked 90 zero-day vulnerabilities exploited in the wild in 2025, with 43 of them — nearly half — targeting enterprise networking and security infrastructure. This represents an all-time high for enterprise-focused zero-days and a clear signal that the devices network engineers manage daily are now the primary attack surface. Key Takeaway: Network appliances like firewalls, VPN concentrators, and SD-WAN controllers have replaced endpoints as the top zero-day target. If you manage Cisco ASA, FTD, or any edge device, this report is your wake-up call. ...

March 5, 2026 · 8:55 PM MST · Security