A security researcher frustrated with Microsoft has released the BlueHammer Windows zero-day exploit, telling the company, “I ...

A zero-day BlueHammer exploit was recently published on GitHub in response to alleged MSRC failures, and although Microsoft has released a patch, it was live for two weeks.

CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.

Three proof-of-concept exploits are being used in active attacks against Microsoft's built-in security platform; two are ...

Threat actors have been exploiting the BlueHammer Microsoft Defender vulnerability as a zero-day to gain System privileges.

A new report out today from Aim Security Ltd. reveals the first known zero-click artificial intelligence vulnerability that could have allowed attackers to exfiltrate sensitive internal data without ...

Although the team with Microsoft moved swiftly to patch the BlueHammer vulnerability, other exploits still threaten Microsoft ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Update, August 10, 2025: This story, originally published on ...

With April’s Patch Tuesday hitting just yesterday, Microsoft released updates to address 167 security vulnerabilities. This is the second highest number of vulnerabilities ever patched on a Patch ...

A security researcher published details of three security vulnerabilities in Windows Defender, and the code used to exploit ...

Microsoft has released out-of-band (OOB) security updates to patch a critical-severity Windows Server Update Service (WSUS) vulnerability with publicly available proof-of-concept exploit code. WSUS is ...

Microsoft is once again in the cybersecurity spotlight, acknowledging Tuesday morning that hackers linked to China are among those exploiting vulnerabilities in on-premises SharePoint software, the ...