2 New Microsoft Defender Zero-Days Exploited—Patch Now Rolling Out

Microsoft has confirmed an emergency security update as CISA warns that two new Defender zero-days are being exploited by attackers.
Dark Reading

Exploits Turn Windows Defender Into Attacker Tool

Threat actors are using three publicly available proof-of-concept exploits to attack Microsoft Defender and turn the security platform's primary cleanup and protection functions against organizations ...
CSO Online

Microsoft says you don’t need another email security tool; experts say, not so fast

New benchmark claims Microsoft Defender catches nearly all malicious email on its own, with integrated third-party tools ...
Bleeping Computer

Microsoft warns of new Defender zero-days exploited in attacks

Update May 25, 04:19 EDT: CVE-2026-41091 is a Microsoft Defender local privilege escalation (LPE) flaw known as RedSun, and CVE-2026-45498 is known as UnDefend, a security flaw that can be exploited ...

Build 2026: Microsoft's MDASH exits preview with 100+ specialized threat-hunting AI agents

Build 2026: Microsoft's MDASH exits preview with 100+ specialized threat-hunting AI agents ...
PC World

Microsoft Exchange hacked, Defender broken, BitLocker bypassed

PCWorld reports that Microsoft faces multiple critical security breaches, including an actively exploited Exchange Server spoofing vulnerability and a BitLocker bypass exploit called YellowKey. The ...