2 reports · 2 sources · tracked since 7h ago Actively exploited

CISA: Windows BlueHammer flaw now exploited by ransomware gangs

AI synthesis CISA: Ransomware gangs now exploit the BlueHammer Microsoft Defender vulnerability (CVE-2026-33825), previously used in zero-day attacks.

ransomwarevulnerabilityzero daymicrosoft CVE-2026-33825

Why this ranks Transparent score: 19

coverage +6 source breadth +4 urgency +5 freshness +4

What changed

Coverage timeline

Every report remains linked to its original publisher.

BleepingComputer Jun 30, 2026, 8:53 AM UTC First observed

CISA: Windows BlueHammer flaw now exploited by ransomware gangs ↗

CISA confirmed on Monday that ransomware gangs are now exploiting a Microsoft Defender privilege escalation vulnerability, dubbed BlueHammer, that has previously been abused in zero-day attacks. [...]
SecurityWeek Jun 30, 2026, 1:56 PM UTC Coverage expanded

BlueHammer Vulnerability Exploited in Ransomware Attacks ↗

The Microsoft Defender vulnerability CVE-2026-33825 was exploited in the wild as a zero-day before patches were released. The post BlueHammer Vulnerability Exploited in Ransomware Attacks appeared first on SecurityWeek.

Coverage timeline

CISA: Windows BlueHammer flaw now exploited by ransomware gangs ↗

BlueHammer Vulnerability Exploited in Ransomware Attacks ↗