Recently leaked Windows zero-days now exploited in attacks

Recently leaked Windows zero-days now exploited in attacks

Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or elevated administrator permissions.

Microsoft Defender 0-Day Vulnerability “RedSun” Enables Full SYSTEM Access

A newly disclosed zero-day vulnerability in Microsoft Defender, dubbed “RedSun,” allows an unprivileged user to escalate privileges to full SYSTEM-level access on fully patched Windows 10, Windows 11, and Windows Server 2019 and later systems, and as of now, remains unpatched. RedSun is the second zero-day exploit published within a two-week span in April 2026 […] The post Microsoft Defender 0-Day Vulnerability “RedSun” Enables Full SYSTEM Acces…

New PoC Exploit Published for Microsoft Defender 0-Day Flaw

A security researcher operating under the alias “Chaotic Eclipse” has publicly released a proof-of-concept (PoC) exploit for a vulnerability in Microsoft Defender. Published on April 15, 2026, the exploit targets a flaw in CVE-2026-33825, a recently patched vulnerability. The uncoordinated release highlights an escalating conflict between independent security researchers and Microsoft’s vulnerability disclosure programs. Public drops of this nat…

Unpatched Microsoft Defender flaw lets hackers gain admin access

A security researcher has published a working exploit for a Microsoft Defender security flaw that affects Windows 10, 11, and Server.