CISA confirmed on Monday that ransomware gangs are now exploiting a Microsoft Defender privilege escalation vulnerability, dubbed BlueHammer, that has previously been abused in zero-day attacks.
CISA says ransomware gangs are exploiting Microsoft Defender’s BlueHammer flaw, patched in April 2026 after zero-day reports.
BlueHammer became public on April 2 in an unusual fashion. A researcher using the names Chaotic Eclipse and Nightmare Eclipse ...
Windows Defender "BlueHammer" vulnerability now exploited as part of malware campaigns — event demonstrates lack of security ...
Arctic Wolf says Anubis affiliates abused RMM tools, VPN logins, RDP, PsExec, and cloud-transfer tools before ransomware ...
Official support for Windows 10 has ended, and its security certificates are expiring. Your system is at risk, and Microsoft ...
On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
Blackpoint says Avalon uses Proton Drive, ISO images, LNK files, and MSBuild to disable ETW, steal credentials, and deploy CrownX ransomware.
Microsoft Windows offers multiple layers of protection to help defend against modern cyber risks. This guide covers key security technologies, including Defender Antivirus, Smart App Control, and ...
The malware program has been deployed across multiple sectors since April, helping to provide initial access sold to ransomware gangs.
Antivirus software used to hunt for known malware, but now it’s predicting suspicious behavior before an attack fully lands.
Cyber attacks used to feel distant. They were something that happened to big banks or government agencies. Not anymore. Ransomware hits hospitals. Phishing emails slip into small business inboxes.