Three Microsoft Defender Zero-Days Exploited
Security researchers have revealed active exploitation of three zero-day vulnerabilities in Microsoft Defender, named BlueHammer, RedSun, and UnDefend. While Microsoft patched BlueHammer (CVE-2026-33825) in this week's update, RedSun and UnDefend remain unpatched, leaving systems at risk. Threat actors are using these flaws to escalate privileges and disrupt updates, prompting urgent isolation measures by cybersecurity firms. The situation underscores the critical need for rapid patching and vigilance as attacks continue.
More from Cybersecurity & Privacy

- NIST Cuts Back on CVE Enrichment Amid Surge
The National Institute of Standards and Technology (NIST) has announced a major policy shift, limiting automatic enrichment of CVEs in the National Vulnerability Database to only high-priority vulnerabilities. This change comes after a staggering 263% increase in vulnerability submissions from 2020 to 2025, overwhelming NIST's capacity. Now, only CVEs linked to critical software, federal government use, or listed in CISA's Known Exploited Vulnerabilities catalog will receive detailed analysis. This move signals a strategic focus on systemic risks, leaving many lesser vulnerabilities unenriched and reshaping the vulnerability management landscape going forward.

- Cal.com Closes Code Over AI Risks
Cal.com, the scheduling automation platform, has halted publishing its full source code due to rising security threats amplified by AI's ability to quickly find vulnerabilities and create exploits. This shift aims to protect its SaaS platform's data from increasingly sophisticated AI-driven attacks. Instead, it released a limited open-source fork, cal.diy, under the MIT license, offering basic functionality but lacking enterprise features. This move marks a significant change in open-source strategy driven by AI's impact on cybersecurity. The community will maintain the fork while Cal.com focuses on securing its core product.

- Standard Bank Faces Massive Data Breach
Standard Bank is grappling with a severe cyberattack that exposed sensitive customer data, including credit card numbers and personal identification details. The breach, which leaked over 154 million rows of data, has prompted the bank to replace affected cards and boost security measures. Customers are urged to stay alert as investigations continue and authorities are involved. The fallout could reshape trust in South Africa's largest lender.

- Urgent Patch Needed for 13-Year Apache Bug
CISA has issued a critical directive for federal agencies to patch a 13-year-old vulnerability in Apache ActiveMQ by April 30, following active exploitation in the wild. The flaw, CVE-2026-34197, allows remote code execution through the Jolokia API and affects thousands of publicly exposed servers, many still using default credentials. This long-hidden bug has turned a messaging broker into a potential attack vector, demanding immediate action to prevent further breaches.