
Ransomware group exploited Cisco firewall vulnerability as a zero day, weeks before a patch appeared
One of the world’s most active ransomware groups, Interlock, started exploiting a critical-rated Cisco firewall vulnerability as a zero day weeks before it was patched in early March, Amazon has revealed. The vulnerability in question is CVE-2026-20131, a remotely exploitable deserialization flaw in Cisco Secure Firewall Management Center (FMC) Software, which was given the maximum CVSS score of 10. When Cisco released a patch for it on March 4 as part of its semiannual firewall update, security teams would have known this needed to be applied urgently, alongside a fix for a second FMC vulnerability, CVE-2026-20079, with an identical severity rating. However, Amazon’s discovery that Interlock star...