diff --git a/.github/workflow_data/hotfix.py b/.github/workflow_data/hotfix.py
new file mode 100644
index 000000000..fd04d7151
--- /dev/null
+++ b/.github/workflow_data/hotfix.py
@@ -0,0 +1,83 @@
+#!/usr/bin/env python
+import datetime as dt
+import requests
+import pathlib
+import json
+import sys
+import os
+import re
+
+if __name__ == "__main__":
+    with open(os.environ["GITHUB_EVENT_PATH"], "r") as f:
+        event = json.load(f)
+
+    release = requests.get(
+        event["repository"]["releases_url"].rsplit("{/")[0] + "latest",
+        headers={
+            "Accept": "application/vnd.github.v3+json",
+            "Authorization": f"token {os.environ['GITHUB_TOKEN']}"
+        }
+    ).json()
+
+    artifacts = (
+        os.environ['ARTIFACT_TGZ'],
+        os.environ['ARTIFACT_ZIP']
+    )
+
+    for asset in release["assets"]:
+        if asset["name"] in artifacts:
+            req = requests.delete(
+                asset["url"],
+                headers={
+                    "Accept": "application/vnd.github.v3+json",
+                    "Authorization": f"token {os.environ['GITHUB_TOKEN']}"
+                }
+            )
+            if not req.ok:
+                print(f"{req.url = }\n{req.status_code = }\n{req.content = }")
+                sys.exit(1)
+
+    for artifact in artifacts:
+        req = requests.post(
+            release["upload_url"].rsplit("{?", 1)[0],
+            headers={
+                "Accept": "application/vnd.github.v3+json",
+                "Authorization": f"token {os.environ['GITHUB_TOKEN']}"
+            },
+            params={
+                "name": artifact
+            },
+            data=pathlib.Path(artifact).read_bytes()
+        )
+        if not req.ok:
+            print(f"{req.url = }\n{req.status_code = }\n{req.content = }")
+            sys.exit(1)
+
+    hotfix_time = dt.datetime.now().strftime(r"%d-%m-%Y %H:%M")
+    hotfix_desc = event['pull_request']['body']
+    hotfix = f"- `{hotfix_time}`: {hotfix_desc}\n"
+
+    body = release["body"]
+    body = re.sub(
+        r"(https://lab\.flipper\.net/\?url=).*?(&channel=XFW-Updater&version=" + os.environ['VERSION_TAG'] + r")",
+        r"\1" + os.environ['ARTIFACT_WEB'] + r"\2",
+        body
+    )
+    body = body.replace("<!--- <HOTFIXES>\n", "")
+    body = body.replace("\n<HOTFIXES> -->", "")
+    insert = body.find("\n  [//]: <NEXT_HOTFIX>\n")
+    body = body[:insert] + hotfix + body[:insert]
+
+    req = requests.patch(
+        release["url"],
+        headers={
+            "Accept": "application/vnd.github.v3+json",
+            "Authorization": f"token {os.environ['GITHUB_TOKEN']}"
+        },
+        json={
+            "body": body
+        }
+    )
+    if not req.ok:
+        print(f"{req.url = }\n{req.status_code = }\n{req.content = }")
+        sys.exit(1)
diff --git a/.github/workflow_data/release.md b/.github/workflow_data/release.md
index 1297de39a..07a6936de 100644
--- a/.github/workflow_data/release.md
+++ b/.github/workflow_data/release.md
@@ -11,6 +11,14 @@
 ## 🚀 Changelog
 {CHANGELOG}
 
+<!--- <HOTFIXES>
+### Hotfixes:
+
+  [//]: <NEXT_HOTFIX>
+
+  **If you have any of the above issues, please re-download and re-install!**
+<HOTFIXES> -->
+
 ## ❤️ Support
 If you like what you're seeing, **please consider donating to us**. We won't ever put this behind a paywall, but we'd still appreciate a few bucks!
 
diff --git a/.github/workflow_data/webupdater.py b/.github/workflow_data/webupdater.py
index 3004da749..eecbf2282 100644
--- a/.github/workflow_data/webupdater.py
+++ b/.github/workflow_data/webupdater.py
@@ -6,6 +6,10 @@ if __name__ == "__main__":
     client.login(os.environ["NC_USER"], os.environ["NC_PASS"])
     file = os.environ["NC_FILE"]
     path = os.environ["NC_PATH"] + file
+    try:
+        client.delete(path)
+    except Exception:
+        pass
     client.put_file(path, file)
     share_link = client.share_file_with_link(path).get_link()
     download_link = share_link.rstrip("/") + "/download/" + file
diff --git a/.github/workflows/hotfix.yml b/.github/workflows/hotfix.yml
new file mode 100644
index 000000000..82fb6fa30
--- /dev/null
+++ b/.github/workflows/hotfix.yml
@@ -0,0 +1,63 @@
+name: "Hotfix integration"
+
+on:
+  pull_request_review:
+    types: [submitted]
+
+env:
+  TARGETS: f7
+  DEFAULT_TARGET: f7
+
+jobs:
+  hotfix:
+    if: |
+      github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name &&
+      endsWith(github.event.pull_request.title, ' Hotfix') &&
+      github.event.review.author_association == 'OWNER' &&
+      startsWith(github.event.pull_request.title, 'V') &&
+      github.event.pull_request.base.ref == 'main' &&
+      github.event.pull_request.head.ref == 'dev' &&
+      github.event.pull_request.state == 'open' &&
+      github.event.pull_request.draft == false &&
+      github.event.review.state == 'APPROVED'
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+    steps:
+
+      - name: 'Checkout code'
+        uses: actions/checkout@v3
+        with:
+          fetch-depth: 0
+          ref: ${{ github.event.pull_request.head.sha }}
+
+      - name: 'Build the firmware'
+        run: |
+          set -e
+          for TARGET in ${TARGETS}; do
+            TARGET="$(echo "${TARGET}" | sed 's/f//')"; \
+            ./fbt TARGET_HW=$TARGET updater_package
+          done
+
+      - name: "Check for uncommitted changes"
+        run: |
+          git diff --exit-code
+
+      - name: "Read version tag"
+        run: bash .github/workflow_data/version.sh
+
+      - name: "Make tgz, zip and webupdater"
+        run: bash .github/workflow_data/package.sh
+        env:
+          NC_HOST: "https://cloud.cynthialabs.net/"
+          NC_USER: "${{ secrets.NC_USER }}"
+          NC_PASS: "${{ secrets.NC_PASS }}"
+
+      - name: "Upload hotfix"
+        run: python .github/workflow_data/hotfix.py
+
+      - name: "Merge pull request"
+        uses: "pascalgn/automerge-action@v0.15.6"
+        env:
+          MERGE_LABELS: ""
+          GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"