Rejected By Microsoft, 3 Defender Zero-Days Are Now Actively Exploited

The Huntress SOC is observing the use of Nightmare-Eclipse's BlueHammer, RedSun, and UnDefend exploitation techniques. Investigation by: @wbmmfq, @Curity4201, + @_JohnHammond 🧵👇 ...

Hackers are abusing unpatched Windows security flaws to hack into organizations

A security researcher published details of three security vulnerabilities in Windows Defender, and the code used to exploit ...

Recently leaked Windows zero-days now exploited in attacks

Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or ...

Open-source tool decrypts all private data collected by Windows Recall on Copilot PCs

Alexander Hagenah previously exposed issues affecting Windows Recall with his TotalRecall tool, prompting Microsoft to ...

Dangerous Fake Microsoft Windows Update Confirmed—Do Not Download

As security researchers warn about a dangerous Microsoft Windows update that isn’t legitimate, users must pay close attention ...

Microsoft's Security Response Center is being blamed for the zero-day BlueHammer exploit leak

A zero-day BlueHammer exploit was recently published on GitHub in response to alleged MSRC failures, and although Microsoft ...
Windows Report

CISA Warns of Windows Privilege Escalation Flaw Affecting Windows 11 and Server 2025

New Windows privilege escalation vulnerability added to CISA catalog affects Windows 11 and Server 2025 systems.
Dark Reading

Adobe Patches Actively Exploited Zero-Day That Lingered for Months

An attacker has been using maliciously crafted PDF files to exploit a zero-day in Adobe Acrobat and Reader for at least four ...
The Hacker News

⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Stay ahead of the logs with our Monday Recap. We break down active Adobe 0-days, North Korean crypto stings, and critical CVEs you need to patch today ...
WinBuzzer

Windows Zero-Day Published on Github as Microsoft Fails to Act

A researcher has published a Windows zero-day exploit called BlueHammer on GitHub after Microsoft's Security Response Center ...
CSO Online

Patch windows collapse as time-to-exploit accelerates

AI and the industrialization of cybercrime are helping attackers double the number of high- and critical-severity known ...
24/7 Wall St.

CrowdStrike CEO warns AI will trigger explosion of cyber attacks with shrinking patch windows

A previous version of this article stated that this was Crowdstrike’s first-ever positive GAAP net income, which was ...