Sophos reported that the Cuba ransomware group used malicious hardware devices certified by Microsoft’s Windows Hardware Developer Program in an attack that abuses OWASSRF vulnerability.