CRITICALZero Day
Global

Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

·Source: The Hacker News

Updated:

Executive Summary

Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems. The activity involves the exploitation of three vulnerabilities that are codenamed BlueHammer (requires GitHub sign-in), RedSun, and UnDefend, all of which were released as zero-days by a researcher known as Chaotic Eclipse (

Analysis

Huntress is warning that threat actors are exploiting three recently disclosed security flaws in Microsoft Defender to gain elevated privileges in compromised systems. The activity involves the exploitation of three vulnerabilities that are codenamed BlueHammer (requires GitHub sign-in), RedSun, and UnDefend, all of which were released as zero-days by a researcher known as Chaotic Eclipse (
Source Attribution

Originally published by The Hacker News on Apr 17, 2026.

Related Threats

CRITICALZero Day

Android Update Patches Exploited Zero-Day, 123 Other Vulnerabilities

Google says the Android vulnerability CVE-2025-48595 has been exploited in limited, targeted attacks. The post Android Update Patches Exploited Zero-Day, 123 Other Vulnerabilities appeared first on SecurityWeek .

CVE-2025-48595
SecurityWeek
CRITICALZero Day

Google fixes one actively exploited Android zero-day, 124 flaws

Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. [...]

BleepingComputer
CRITICALZero Day

Microsoft Threatening Security Researcher

An anonymous security researcher called “Nightmare Eclipse” has been publishing a series of significant security exploits against Microsoft Windows—including one that breaks BitLocker. Microsoft has threatened legal action against the researcher. Lots of recriminations are being traded back and forth.

Schneier on Security