A security researcher frustrated with Microsoft has released the BlueHammer Windows zero-day exploit, telling the company, “I ...

CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.

A zero-day BlueHammer exploit was recently published on GitHub in response to alleged MSRC failures, and although Microsoft has released a patch, it was live for two weeks.

Three proof-of-concept exploits are being used in active attacks against Microsoft's built-in security platform; two are ...

Threat actors have been exploiting the BlueHammer Microsoft Defender vulnerability as a zero-day to gain System privileges.

A security researcher known as Chaotic Eclipse recently disclosed a vulnerability dubbed "Red Sun" affecting Microsoft ...

A new report out today from Aim Security Ltd. reveals the first known zero-click artificial intelligence vulnerability that could have allowed attackers to exfiltrate sensitive internal data without ...

Although the team with Microsoft moved swiftly to patch the BlueHammer vulnerability, other exploits still threaten Microsoft ...

Microsoft has reported a sharp rise in phishing attacks using QR codes and CAPTCHA pages to bypass security tools, alongside a new 'ClickFix' scam that tricks users into installing malware via fake ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Update, August 10, 2025: This story, originally published on ...

Microsoft has released out-of-band (OOB) security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with publicly available proof-of-concept exploit code. WSUS is ...

Windows 11 security is now complete, with Defender replacing third-party antivirus through built-in real-time and behavioral ...