// Microsoft 365HIGH
CVE-2026-33825 (BlueHammer), a privilege escalation vulnerability in Microsoft Defender, is actively exploited in ransomware campaigns. The flaw was disclosed April 2 and patched April 14, 2026. CISA's Known Exploited Vulnerabilities catalog was recently updated to confirm ransomware activity. The vulnerability requires authenticated access but enables attackers to escalate privileges, disable defenses, and move laterally within compromised environments.
// Get alerts for Microsoft 365