Microsoft Defender CVE-2026-41091 Privilege Escalation Exploited
Microsoft warns of active exploitation of CVE-2026-41091 in Defender, a privilege escalation flaw allowing attackers to gain SYSTEM privileges on Windows.
CVE-2024-21338: Microsoft Defender Zero-Day Exploited by Lazarus
Microsoft patches two zero-day vulnerabilities in Defender and SmartScreen exploited by Lazarus Group for privilege escalation and malware delivery.
Managed Threat Hunting: CrowdStrike OverWatch for Microsoft Defender
Runtime Rebel analyzes CrowdStrike's new Falcon OverWatch for Defender, detailing how it enhances threat hunting for Microsoft Defender users and boosts defenses.
Microsoft Defender DigiCert False Positive: Trojan:Win32/Cerdigent.A!dha
Microsoft Defender is incorrectly identifying DigiCert root certificates as the Cerdigent trojan, causing certificate removal and enterprise disruptions.
CVE-2026-33825: Microsoft Defender Access Control Exploit Analysis
CISA adds CVE-2026-33825 to the KEV catalog following active exploitation of Microsoft Defender's access control mechanisms. Learn how to secure your systems.

Microsoft Defender Binaries Exploited as Attack Tools
Security researchers have identified methods to subvert Microsoft Defender binaries for malicious code execution and EDR bypass. Learn how to defend.
Microsoft Defender RedSun Zero-Day PoC Grants SYSTEM Privileges
Security researcher Chaotic Eclipse releases the RedSun zero-day PoC for Microsoft Defender, enabling local privilege escalation to SYSTEM on Windows devices.
CrowdStrike Falcon Next-Gen SIEM Adds Microsoft Defender Support
CrowdStrike expands Falcon Next-Gen SIEM capabilities to ingest third-party EDR telemetry, starting with Microsoft Defender to improve SOC visibility.
Fake Next.js Job Interview Tests Backdoor Developers
Microsoft Defender discovered a campaign where malicious Next.js job interview tests backdoor developers' devices, posing a supply chain risk.