A security researcher frustrated with Microsoft has released the BlueHammer Windows zero-day exploit, telling the company, “I ...

A researcher discovered five different exploit paths that stem from an architectural weakness in Windows' Remote Procedure ...

Microsoft confirmed a Windows zero-click flaw tied to an incomplete patch is being exploited, putting credentials at risk for ...

CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.

RedSun exploit targets Microsoft Defender zero-day, granting SYSTEM access on fully patched Windows systems with no patch ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to secure their Windows systems ...

Although the team with Microsoft moved swiftly to patch the BlueHammer vulnerability, other exploits still threaten Microsoft ...

The exploit uses an insecure behavior of Windows Defender and a file API to secure system rights. It is still unpatched.

Microsoft's partial patching in February 2026 of a zero-day vulnerability abused by Russian state-sponsored threat group ...

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Unpatched systems are a ticking time bomb.

Three proof-of-concept exploits are being used in active attacks against Microsoft's built-in security platform; two are ...