Hackers are abusing unpatched Windows security flaws to hack into organizations

A security researcher published details of three security vulnerabilities in Windows Defender, and the code used to exploit ...
Hackaday

This Week In Security: Docker Auth, Windows Tools, And A Very Full Patch Tuesday

CVE-2026-34040 lets attackers bypass some Docker authentication plugins by allowing an empty request body. Present since 2024, this bug was caused by a previous fix to the auth workflow. In the ...
CSO Online

Caught, Quarantined, Re-installed: RedSun turns Microsoft Defender on itself

New PoC shows how Microsoft Defender can be tricked into rewriting malicious files into protected locations, enabling ...
Cybernews

Hackers dodging security tools by dropping secret QEMU virtual machines inside Windows

Hackers are dodging Windows security tools by running secret Linux virtual machines with QEMU, an open-source virtualizer.

Recently leaked Windows zero-days now exploited in attacks

Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or ...

New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges

A researcher known as "Chaotic Eclipse" has published a proof-of-concept exploit for a second Microsoft Defender zero-day, ...

Unpatched Microsoft Defender flaw lets hackers gain admin access

A security researcher has published a working exploit for a Microsoft Defender security flaw that affects Windows 10, 11, and ...

Dangerous Fake Microsoft Windows Update Confirmed—Do Not Download

As security researchers warn about a dangerous Microsoft Windows update that isn’t legitimate, users must pay close attention ...