CISA warns Windows Shell zero-click flaw is being exploited in attacks

CISA has added a Microsoft Windows Shell vulnerability, tracked as CVE-2026-32202, to its Known Exploited Vulnerabilities catalog after evidence of active exploitation. The flaw affects Windows Shell and can expose sensitive authentication data through network spoofing. Microsoft patched the issue in its April 2026 Patch Tuesday update, then later updated its advisory to confirm exploitation […] The post CISA warns Windows Shell zero-click flaw is being exploited in attacks appeared first on VPN Central.