CISA Confirms Ransomware Exploitation of Microsoft Defender 'BlueHammer' Vulnerability (CVE-2026-33825)
The Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that ransomware gangs are actively exploiting a high-severity privilege escalation vulnerability in Microsoft Defender, tracked as 'BlueHammer' (CVE-2026-33825). This flaw, which was previously abused in zero-day attacks, allows an authenticated attacker to elevate privileges locally, potentially gaining full control of targeted Windows systems. Microsoft released patches for this vulnerability in April 2026.