Dark Reading

Exploits Turn Windows Defender Into Attacker Tool

Threat actors are using three publicly available proof-of-concept exploits to attack Microsoft Defender and turn the security platform's primary cleanup and protection functions against organizations ...
CSOonline

Another Microsoft Defender privilege escalation bug emerges days after patch

New PoC shows how Microsoft Defender can be tricked into rewriting malicious files into protected locations, enabling SYSTEM-level privilege escalation on fully patched Windows systems. Days after ...
CSOonline

Microsoft feud escalates as researcher drops new Windows zero-day

The long-running feud between Microsoft and security researcher Nightmare Eclipse has entered a new chapter. Eclipse, who has spent the past several months publicly releasing unpatched Windows ...
techtimes

Microsoft Defender Zero-Days Patched: RedSun, UnDefend Exploits Already Used in Live Intrusions

Microsoft pushed out-of-band patches on May 21, 2026, for two actively exploited Windows Defender zero-days — one that lets a low-privileged attacker seize full SYSTEM-level control of any Windows ...