A security researcher frustrated with Microsoft has released the BlueHammer Windows zero-day exploit, telling the company, “I ...

A researcher discovered five different exploit paths that stem from an architectural weakness in Windows' Remote Procedure ...

CVE-2026-32202 actively exploited after April 27 advisory fix, exposing NTLMv2 hashes via zero-click SMB authentication.

RedSun exploit targets Microsoft Defender zero-day, granting SYSTEM access on fully patched Windows systems with no patch ...

A researcher known as "Chaotic Eclipse" has published a proof-of-concept exploit for a second Microsoft Defender zero-day, ...

A zero-day BlueHammer exploit was recently published on GitHub in response to alleged MSRC failures, and although Microsoft ...

The exploit uses an insecure behavior of Windows Defender and a file API to secure system rights. It is still unpatched.

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Update, May 15, 2025: This story, originally published May 14, ...

The leak online of exploit code for an apparent Windows zero-day flaw dubbed "BlueHammer" could be the sign of a larger issue that security researchers face when collaborating with Microsoft on ...

Although the team with Microsoft moved swiftly to patch the BlueHammer vulnerability, other exploits still threaten Microsoft ...

A new exploit has been found that allows attackers to use Notepad, one of the most trusted applications on Windows, to elevate their privileges to an administrator and bypass security. Experts say ...

Want smarter insights in your inbox? Sign up for our weekly newsletters to get only what matters to enterprise AI, data, and security leaders. Subscribe Now Unpatched systems are a ticking time bomb.