A ransomware gang has been exploiting a critical vulnerability in Cisco enterprise firewalls, specifically targeting organizations with double-extortion attacks. The attackers had access to this vulnerability for weeks before it was publicly disclosed, indicating a significant window of exposure. The vulnerability, which has not been specified, is presumed to be severe enough to allow the Interlock ransomware gang to breach Cisco firewalls and gain access to sensitive networks. This targeted attack highlights the importance of sector-specific risk assessment, particularly for organizations relying on Cisco infrastructure. The fact that the gang had prior knowledge of the vulnerability suggests a high level of sophistication and planning1. This incident matters to security practitioners because it underscores the need for proactive operational resilience planning to mitigate the impact of such targeted attacks.