Recently leaked Windows zero-days now exploited in attacks

Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or ...

New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges

A researcher known as "Chaotic Eclipse" has published a proof-of-concept exploit for a second Microsoft Defender zero-day, ...
Microsoft

Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise

The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North ...

Unpatched Microsoft Defender flaw lets hackers gain admin access

A security researcher has published a working exploit for a Microsoft Defender security flaw that affects Windows 10, 11, and ...

Best Antivirus Software for Windows PCs in 2026

Discover the highest ranked antivirus programs for Windows 10 and 11. See whether you need to save or splurge to protect your ...
The Hacker News

ThreatsDay Bulletin: Defender 0-Day, SonicWall Brute-Force, 17-Year-Old Excel RCE and 15 More Stories

This week's biggest hacks, zero-days, supply chain attacks, crypto theft, ransomware hits, and critical patches — all in one ...

From the BlueHammer author: New Windows zero-day grants admin rights

The exploit uses an insecure behavior of Windows Defender and a file API to secure system rights. It is still unpatched.

Dangerous Fake Microsoft Windows Update Confirmed—Do Not Download

As security researchers warn about a dangerous Microsoft Windows update that isn’t legitimate, users must pay close attention ...
CSO Online

Microsoft’s Windows Recall still allows silent data extraction

A cybersecurity researcher says Recall’s redesigned security model does not stop same-user malware from accessing plaintext ...
Cybernews

Disgruntled hacker drops second zero-day Windows Defender exploit just hours after Microsoft patches first one

A disgruntled researcher released a second zero-day Windows Defender exploit, dubbed RedSun, shortly after Microsoft patched ...

Microsoft's Security Response Center is being blamed for the zero-day BlueHammer exploit leak

A zero-day BlueHammer exploit was recently published on GitHub in response to alleged MSRC failures, and although Microsoft ...

Microsoft Issues Massive Windows Patch for 160+ Bugs, Including Two Zero-Days

Microsoft’s April 2026 Patch Tuesday fixes 165 vulnerabilities, including two zero-days, in one of the company’s largest ...