Tag: Microsoft Defender

Breaking the code: how a multi-stage “code of conduct” phishing campaign led to AiTM token compromise

Cybersecurity, Hacking and Exploits, Microsoft Leave a comment
Breaking the code: how a multi-stage “code of conduct” phishing campaign led to AiTM token compromise

Phishing has evolved from crude scams to carefully engineered deceptions that mimic trusted internal processes. In mid‑April 2026, Microsoft Defender Research observed a large, multi‑stage campaign that did exactly that: it masqueraded as internal “code of conduct” notifications, used polished templates and legitimate delivery services, and funneled victims through a sequence of CAPTCHA and staging pages that ultimately proxied real

Continue

Recently Leaked Windows Zero-Days Now Being Actively Exploited: What You Need to Know

Cybersecurity, Hacking and Exploits, Microsoft Leave a comment
Recently Leaked Windows Zero-Days Now Being Actively Exploited: What You Need to Know

Threat actors have begun abusing three recently disclosed Windows vulnerabilities to escalate privileges and interfere with Microsoft Defender, shifting a theoretical disclosure debate into a real-world security crisis. A security researcher known as “Chaotic Eclipse” (also called “Nightmare-Eclipse”) released proof-of-concept exploit code for all three flaws earlier this month, and multiple security teams have since observed the techniques used in

Continue

RedSun: New Microsoft Defender Zero-Day Lets Unprivileged Users Gain SYSTEM Access

Cybersecurity, Hacking and Exploits, Microsoft, Server and Virtualisation Leave a comment
RedSun: New Microsoft Defender Zero-Day Lets Unprivileged Users Gain SYSTEM Access

A freshly disclosed zero-day vulnerability in Microsoft Defender, dubbed “RedSun,” has raised alarms across enterprise security teams: an unprivileged user can escalate to full SYSTEM-level access on fully patched Windows systems. The flaw was detailed publicly in April 2026 by a researcher known as “Chaotic Eclipse” (also referenced as Nightmare‑Eclipse on GitHub). Independent verification from vulnerability analyst Will Dormann confirms

Continue

What’s New in Microsoft Defender: AI Triage, Predictive Hardening, and Call Monitoring — What IT Teams Should Know

Automation, Cybersecurity, Microsoft, Scripts and Coding Leave a comment
What’s New in Microsoft Defender: AI Triage, Predictive Hardening, and Call Monitoring — What IT Teams Should Know

Microsoft used RSA 2026 to roll out a wave of Defender enhancements that are already changing how security teams detect, investigate, and respond to risk. The announcements bundle intuitive UX changes—like a consolidated identity dashboard—with more consequential shifts: AI-driven triage and automated hardening that can act proactively on predicted attacker movement. These features promise speed and scale, but they also

Continue