Angry Hacker Drops Microsoft Zero-Day Exploit, 1 Billion Users Warned

A security researcher frustrated with Microsoft has released the BlueHammer Windows zero-day exploit, telling the company, “I'm not explaining how this works.” ...
The Hacker News

Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202

CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.
eWeek

Microsoft Defender Flaws Exploited on Windows, Two Left Unpatched

Although the team with Microsoft moved swiftly to patch the BlueHammer vulnerability, other exploits still threaten Microsoft ...
Dark Reading

Unpatched 'PhantomRPC' Flaw in Windows Enables Privilege Escalation

A researcher discovered five different exploit paths that stem from an architectural weakness in Windows' Remote Procedure ...

Microsoft Confirms Windows Flaw Is Being Exploited After Incomplete Patch

Microsoft confirmed a Windows zero-click flaw tied to an incomplete patch is being exploited, putting credentials at risk for ...
Fox News

Windows update flaw could be a hidden gateway to zombie vulnerabilities

Researchers have discovered a new way hackers could use to exploit Windows devices. They have found a vulnerability in your PC’s operating system that could let threat actors downgrade it to an older ...

Hackers are abusing unpatched Windows security flaws to hack into organizations

A security researcher published details of three security vulnerabilities in Windows Defender, and the code used to exploit them. Now, hackers are taking advantage of the vulnerabilities in real life ...
Bleeping Computer

Windows Server emergency patches fix WSUS bug with PoC exploit

Microsoft has released out-of-band (OOB) security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with publicly available proof-of-concept exploit code. WSUS is ...
HotHardware

Windows Admins Are Urged To Patch This TCP/IP Zero Click Security Exploit

This one's important, so let's get right to it: a new security flaw in all versions of Windows opens the door for a wormable remote code execution vulnerability. That means it can be exploited by an ...
VentureBeat

Shrink exploit windows, slash MTTP: Why ring deployment is now a must for enterprise defense

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Unpatched systems are a ticking time bomb.
Dark Reading

Exploits Turn Windows Defender Into Attacker Tool

Threat actors are using three publicly available proof-of-concept exploits to attack Microsoft Defender and turn the security platform's primary cleanup and protection functions against organizations ...
Bleeping Computer

New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges

A researcher known as "Chaotic Eclipse" has published a proof-of-concept exploit for a second Microsoft Defender zero-day, dubbed "RedSun," in the past two weeks, protesting how the company works with ...