Latest news

CVE-2026-50656: Microsoft Confirms Defender ‘RoguePlanet’ Zero-Day — No Patch Available Yet
Vulnerability

CVE-2026-50656: Microsoft Confirms Defender ‘RoguePlanet’ Zero-Day — No Patch Available Yet

19 June 2026 dark6

Microsoft has confirmed CVE-2026-50656, a zero-day TOCTOU race condition in Microsoft Defender dubbed 'RoguePlanet,' that allows low-privilege attackers to escalate...
CISA Adds Two Actively Exploited Microsoft Defender Zero-Days to KEV Catalog — Patch by June 3
Vulnerability

CISA Adds Two Actively Exploited Microsoft Defender Zero-Days to KEV Catalog — Patch by June 3

23 May 2026 dark6

CISA has added two critical Microsoft Defender vulnerabilities — CVE-2026-45498 and CVE-2026-41091 — to its Known Exploited Vulnerabilities catalog following...
Microsoft Defender False Positive Quarantines DigiCert Root Certificates, Risks Breaking SSL Across Enterprise Networks
Vulnerability

Microsoft Defender False Positive Quarantines DigiCert Root Certificates, Risks Breaking SSL Across Enterprise Networks

4 May 2026 dark6

A faulty Microsoft Defender antimalware definition update incorrectly flagged two legitimate DigiCert root certificates as malware, automatically quarantining them from...
PoC Exploit Leaked for Unpatched Windows Privilege Escalation Zero-Day ‘BlueHammer’
Vulnerability

PoC Exploit Leaked for Unpatched Windows Privilege Escalation Zero-Day ‘BlueHammer’

13 April 2026 dark6

A disgruntled researcher has published a working exploit for BlueHammer, an unpatched Windows local privilege escalation zero-day that abuses Windows...