// Alert

Microsoft Azure threat report

Multiple unpatched zero-day vulnerabilities in Microsoft Windows and Microsoft Defender are actively exploited in the wild. BlueHammer (CVE-2026-33825), RedSun, and UnDefend enable privilege escalation and defense evasion. Real-world intrusions have been observed using these exploits following public PoC disclosure, with attackers gaining SYSTEM privileges, deploying tunneling malware (BeigeBurrow), and establishing command-and-control connections from Russia, Singapore, and Switzerland. RedSun and UnDefend remain unpatched as of June 2026.

// Get alerts for Microsoft Azure