Zero Day Monitor (ZDM)
EST
PRE-CVE · EXPLOITED
Cisco · Talos

COM Usage in Windows Threats

56% confidence

Description

The article provides substantial new technical details about how malware families like Qakbot and WarmCookie exploit COM for lateral movement, persistence, and evasion, emphasizing the challenges of static analysis due to opaque GUIDs and indirect vtable calls.

Affected Products

Vendor | Product | Versions
Cisco | Talos | —

Related News (2 articles)

Tier C
Cisco Talos · 2d ago
Beyond IOCs: AI-enabled threat intelligence
→ No new info (linked only)
Tier C
Cisco Talos · 2d ago
Introduction to COM usage by Windows threats
→ No new info (linked only)
CISA KEV: ❌ No
Actively exploited: ✅ Yes
Published: Jun 25, 2026
Last enriched: 2d ago (v2)
Tags: com, malware, windows, mitre att&ck
Trending Score: 26
Source articles: 2
Independent: 1
Info Completeness: 6/14
Missing: cve_id, versions, cvss, epss, cwe, kev, patch, iocs

Related CVEs (5)

MEDIUM · CVE-2026-20220
Cisco Crosswork Network Controller Remote Code Execution Vulnerability
Trending: 13
PRE-CVE
Cisco Advance Notification for Publication of July 1, 2026, Security Advisories
Trending: 12
MEDIUM · CVE-2026-20171
Cisco Nexus 3000 and 9000 Series Border Gateway Protocol Denial of Service Vulnerability
Trending: 1
MEDIUM · CVE-2026-20206
Cisco ThousandEyes BrowserBot Command Injection Vulnerability
Trending: 1
MEDIUM · CVE-2026-20169
Cisco IoT Field Network Director Command Injection Vulnerability

Verification

State: reported
Confidence: 56%

Vulnerability Timeline

CVE Published: Jun 25, 2026
Actively Exploited: Jun 25, 2026
Exploit Available: Jun 25, 2026
Discovered by ZDM: Jun 25, 2026
Updated (description, vendor, product, exploitAvailable, activelyExploited): Jun 25, 2026

Version History

v2
Last enriched 2d ago
v2 · Tier C · 2d ago

Updated description with new technical details on how Qakbot and WarmCookie exploit COM, and added vendor and product information.

description, vendor, product, exploitAvailable, activelyExploited
via Cisco Talos
v1 · 2d ago

Initial creation