腾讯网

攻击者可利用的 FortiSandbox 漏洞 PoC 公开,可执行任意命令

网络安全研究人员已公开披露针对 Fortinet 旗下 FortiSandbox 产品高危漏洞(CVE-2026-39808)的概念验证(PoC)利用代码。该漏洞允许未经身份验证的攻击者以 root 最高权限执行任意操作系统命令,且无需任何登录凭证。
CSO Online

Another Microsoft Defender privilege escalation bug emerges days after patch

New PoC shows how Microsoft Defender can be tricked into rewriting malicious files into protected locations, enabling ...
SecurityWeek

Recent Microsoft Defender Vulnerability Exploited as Zero-Day

Threat actors have been exploiting the BlueHammer Microsoft Defender vulnerability as a zero-day to gain System privileges.
Windows Report

RedSun Exploit Hits Microsoft Defender Zero-Day, Grants SYSTEM Access

RedSun exploit targets Microsoft Defender zero-day, granting SYSTEM access on fully patched Windows systems with no patch ...
News9Live on MSN

Windows Snipping Tool flaw exposed: PoC exploit leaks NTLM hashes silently

A critical Windows Snipping Tool vulnerability (CVE-2026-33829) allows attackers to steal Net-NTLM hashes through malicious ...
Cybernews

Disgruntled hacker drops second zero-day Windows Defender exploit just hours after ...

A disgruntled researcher released a second zero-day Windows Defender exploit, dubbed RedSun, shortly after Microsoft patched ...
Dark Reading

'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues

The leak online of exploit code for an apparent Windows zero-day flaw dubbed "BlueHammer" could be the sign of a larger issue that security researchers face when collaborating with Microsoft on ...

New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges

A researcher known as "Chaotic Eclipse" has published a proof-of-concept exploit for a second Microsoft Defender zero-day, ...