The Hacker News

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202

CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.
Morning Overview on MSN

CISA orders emergency patch for zero-click Windows flaw that steals credentials

A Windows vulnerability that lets attackers steal login credentials without the victim clicking, opening, or even seeing a ...
SecurityWeek

Incomplete Windows Patch Opens Door to Zero-Click Attacks

Incomplete patch for a Windows SmartScreen and Windows Shell security prompts bypass created a new bug enabling zero-click ...
Windows Report

CISA Orders Urgent Patch for Actively Exploited Windows Shell Vulnerability

CISA orders urgent patching of a Windows Shell flaw actively exploited in zero-click attacks. Federal agencies must update by ...

Windows Shell vulnerability is being attacked

In February, Microsoft closed a Windows Shell vulnerability, but incompletely. Attacks have now been discovered. A patch ...
Computing

Microsoft patches actively exploited Windows flaw left open by a previous patch

Microsoft has fixed an actively exploited flaw in Windows that arose from an incomplete patch released in the company’s ...
PCQuest

Microsoft warns Windows Shell flaw is being exploited to expose credentials

Microsoft’s Windows Shell flaw CVE-2026-32202 is under attack. See how one shortcut file can expose NTLM credentials and ...

Microsoft Changes Windows Security After 15 Years—Update By ‘End Of April’

This has never happened before. Microsoft is expiring the authentication that protects Windows PCs from threats each time ...