CSO Online

Caught, Quarantined, Re-installed: RedSun turns Microsoft Defender on itself

New PoC shows how Microsoft Defender can be tricked into rewriting malicious files into protected locations, enabling ...

New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges

A researcher known as "Chaotic Eclipse" has published a proof-of-concept exploit for a second Microsoft Defender zero-day, ...

Microsoft adds Windows protections for malicious Remote Desktop files

Microsoft has introduced new Windows protections to defend against phishing attacks that abuse Remote Desktop connection ...

Researchers warn Microsoft Defender vulnerability is already being exploited

A security researcher known as Chaotic Eclipse recently disclosed a vulnerability dubbed "Red Sun" affecting Microsoft ...

Rejected By Microsoft, 3 Defender Zero-Days Are Now Actively Exploited

The Huntress SOC is observing the use of Nightmare-Eclipse's BlueHammer, RedSun, and UnDefend exploitation techniques. Investigation by: @wbmmfq, @Curity4201, + @_JohnHammond 🧵👇 ...

Unpatched Microsoft Defender flaw lets hackers gain admin access

A security researcher has published a working exploit for a Microsoft Defender security flaw that affects Windows 10, 11, and ...
Windows Report

Windows Installation Media Gets New Defender Update With Latest Threat Protection

Microsoft updates Defender in Windows install media to block threats during setup and close early security gaps.

Hackers are abusing unpatched Windows security flaws to hack into organizations

A security researcher published details of three security vulnerabilities in Windows Defender, and the code used to exploit ...
The Hacker News

Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities

Microsoft fixes 169 vulnerabilities including exploited SharePoint CVE-2026-32201, prompting CISA remediation by April 28, ...
Microsoft

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...

Microsoft fixes 167 security flaws in April, second biggest Patch Tuesday ever

This month's Patch Tuesday includes an actively exploited Office zero-day vulnerability and several critical RCE bugs in ...