A recent Amazon report reveals that the Interlock ransomware gang leveraged a previously unknown vulnerability in Cisco firewalls to launch attacks, doing so weeks before the flaw was publicly disclosed. This zero-day exploit targeted a popular line of Cisco firewalls, allowing the gang to bypass security measures and gain unauthorized access to systems. The vulnerability, which has not been assigned a CVE number in publicly available information, was exploited in a manner that underscores the importance of prompt patching and continuous vulnerability assessment. Given the speed at which the Interlock gang acted, it is clear that threat actors are closely monitoring vulnerability disclosures and acting quickly to exploit them1. This incident highlights the need for organizations to rapidly assess their exposure to such vulnerabilities and apply patches as soon as they become available, as the window for doing so is often very short.