Amazon threat intelligence teams identify Interlock ransomware campaign targeting enterprise firewalls | AWS Security Blog

Amazon threat intelligence uncovered that the Interlock ransomware group exploited a critical Cisco firewall zero-day (CVE-2026-20131) over a month before public disclosure, using sophisticated multi-stage attacks and custom implants—highlighting the urgent need for layered defenses beyond rapid patching.