#bluehammer — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #bluehammer, aggregated by home.social.
-
EVERYONE GETS AN LPE
Windows:
#BlueHammer (#CVE_2026_33825)
#RedSun (#CVE_2026_41091)
#UnDefend (#CVE_2026_45498)
#WindowsInstaller (#CVE_2026_27910):Linux:
#CopyFail (#CVE_2026_31431)
#SSHKeysignPwn (#CVE_2026_46333)FreeBSD:
#FatGid (#CVE_2026_45250)
#ExecveBug (#CVE_2026_7270) -
EVERYONE GETS AN LPE
Windows:
#BlueHammer (#CVE_2026_33825)
#RedSun (#CVE_2026_41091)
#UnDefend (#CVE_2026_45498)
#WindowsInstaller (#CVE_2026_27910):Linux:
#CopyFail (#CVE_2026_31431)
#SSHKeysignPwn (#CVE_2026_46333)FreeBSD:
#FatGid (#CVE_2026_45250)
#ExecveBug (#CVE_2026_7270) -
📢 Chercheur 'Nightmare-Eclipse' publie plusieurs 0-days Microsoft en représailles contre MSRC
📝 ## 🔍 ContexteSource : blog personnel « Chaotic Eclipse » (deadeclipse666.blogspot.com), publications entre le 2 avril et le 13 mai 2026.
📖 cyberveille : https://cyberveille.ch/posts/2026-05-13-chercheur-nightmare-eclipse-publie-plusieurs-0-days-microsoft-en-represailles-contre-msrc/
🌐 source : https://deadeclipse666.blogspot.com/
#0_day #BlueHammer #Cyberveille -
We'll install MS Defender on your VMs, they said.
It will make them more secure, they said.#infosec #Defender #MicrosoftDefender
#RedSun #BlueHammer #UnDefend -
We'll install MS Defender on your VMs, they said.
It will make them more secure, they said.#infosec #Defender #MicrosoftDefender
#RedSun #BlueHammer #UnDefend -
#CISA orders feds to patch #BlueHammer flaw exploited as zero-day
-
#CISA orders feds to patch #BlueHammer flaw exploited as zero-day
-
This Week in Security: Annoyed Researchers, Dangling DNS, and Hacks that Could Have Been Worse
-
CISA Mandates Patching of Exploited BlueHammer Flaw in Federal Systems
Don't let your federal systems become an easy target: CISA is mandating the patching of the exploited BlueHammer flaw to prevent malicious cyber actors from gaining a foothold. A high-severity vulnerability in Microsoft Defender can allow low-privileged users to gain SYSTEM permissions - but a patch is available.
#Cve202633825 #Bluehammer #MicrosoftDefender #PatchTuesday #PrivilegeEscalation
-
Ungepatchte #Windows :windows: -Zero-Days #RedSun, #UnDefend und #BlueHammer werden attackiert | Security https://www.heise.de/news/Ungepatchte-Windows-Zero-Days-RedSun-UnDefend-und-BlueHammer-werden-attackiert-11263691.html #exploit #ZeroDay #0day
-
Ungepatchte #Windows :windows: -Zero-Days #RedSun, #UnDefend und #BlueHammer werden attackiert | Security https://www.heise.de/news/Ungepatchte-Windows-Zero-Days-RedSun-UnDefend-und-BlueHammer-werden-attackiert-11263691.html #exploit #ZeroDay #0day
-
Vom #BlueHammer-Autor: Neuer #Windows :windows: -#Zeroday verschafft Adminrechte | Security https://www.heise.de/news/Vom-BlueHammer-Autor-Neuer-Windows-Zeroday-verschafft-Adminrechte-11260913.html #0day #RedSun #exploit #Microsoft #MicrosoftWindows :windows:
-
Vom #BlueHammer-Autor: Neuer #Windows :windows: -#Zeroday verschafft Adminrechte | Security https://www.heise.de/news/Vom-BlueHammer-Autor-Neuer-Windows-Zeroday-verschafft-Adminrechte-11260913.html #0day #RedSun #exploit #Microsoft #MicrosoftWindows :windows:
-
https://www.europesays.com/pl/373814/ Windows znowu na celowniku. Hakerzy korzystają z nowej luki #AtakHakerski #Bezpieczeństwo #BlueHammer #cyberbezpieczenstwo #hakerzy #microsoft #Nauka #NaukaITechnika #NaukaTechnika #PL #Poland #Polish #Polska #Polski #Science #ScienceAndTechnology #ScienceTechnology #Technika #Technology #windows
-
#BlueHammer wurde zum 14. April 2026 als Defender Schwachstelle gepatcht. Hier meine Nachlese samt Link auf eine Fortra-Analyse.
-
#BlueHammer wurde zum 14. April 2026 als Defender Schwachstelle gepatcht. Hier meine Nachlese samt Link auf eine Fortra-Analyse.
-
Pissing off a hacker is never a good idea. The #BlueHammer researcher has dropped another one, abusing Microsoft Defender's dorky behaviour to gain NT Authority privileges.
https://github.com/Nightmare-Eclipse/RedSun
#Security #Microsoft #Windows #RedSun -
Pissing off a hacker is never a good idea. The #BlueHammer researcher has dropped another one, abusing Microsoft Defender's dorky behaviour to gain NT Authority privileges.
https://github.com/Nightmare-Eclipse/RedSun
#Security #Microsoft #Windows #RedSun -
Fully exploitable Windows Defender vulnerability with full source code public for >8 days no CVE assigned so far (BlueHammer).
Writeup: https://hackingpassion.com/bluehammer-windows-defender-zero-day/
Full source code: https://github.com/Nightmare-Eclipse/BlueHammer
/cc @bsi Was ist eigentlich der "Prozess" für vollständig öffentliche Lücken zu denen es seit über einer Woche noch nicht einmal eine CVE Nummer gibt?
Edit: Patch and CVE number CVE-2026-33825 available by now. Took 6 days though.
-
Fully exploitable Windows Defender vulnerability with full source code public for >8 days no CVE assigned so far (BlueHammer).
Writeup: https://hackingpassion.com/bluehammer-windows-defender-zero-day/
Full source code: https://github.com/Nightmare-Eclipse/BlueHammer
/cc @bsi Was ist eigentlich der "Prozess" für vollständig öffentliche Lücken zu denen es seit über einer Woche noch nicht einmal eine CVE Nummer gibt?
Edit: Patch and CVE number CVE-2026-33825 available by now. Took 6 days though.
-
Recently this popped up, #Bluehammer a #Windows exploit that exploits Windows Defender for a local privilege elevation
From user to system level..
It triggers a Defender scan and locks that after, so it can access a certain database that is been backed up while Defender scans to gain system level access
GitHub now gives a warning for the repo it seems:
https://github.com/Nightmare-Eclipse/BlueHammerJust be careful
-
Recently this popped up, #Bluehammer a #Windows exploit that exploits Windows Defender for a local privilege elevation
From user to system level..
It triggers a Defender scan and locks that after, so it can access a certain database that is been backed up while Defender scans to gain system level access
GitHub now gives a warning for the repo it seems:
https://github.com/Nightmare-Eclipse/BlueHammerJust be careful
-
Microsoft Rushes Fixes for 167 Vulnerabilities Amid Zero-Day Exploits
Microsoft just rolled out urgent Patch Tuesday fixes for a whopping 167 vulnerabilities in Windows and related software, including zero-day exploits in SharePoint Server and Windows Defender. But with threats evolving at breakneck speed, can patches keep up to protect our increasingly software-reliant lives?
#PatchTuesday #ZeroDay #Bluehammer #GoogleChrome #AdobeReader
-
Patch Tuesday, April 2026 Edition
https://krebsonsecurity.com/2026/04/patch-tuesday-april-2026-edition/
#PatchTuesdayApril2026 #SharePointServer #LatestWarnings #TheComingStorm #CVE-2026-32201 #CVE-2026-33120 #CVE-2026-33825 #CVE-2026-34621 #RyanBraunstein #GoogleChrome #SatnamNarang #TimetoPatch #adobereader #MikeWalters #WillDormann #BlueHammer #Action1 #Automox #Tenable
-
Patch Tuesday, April 2026 Edition
https://krebsonsecurity.com/2026/04/patch-tuesday-april-2026-edition/
#PatchTuesdayApril2026 #SharePointServer #LatestWarnings #TheComingStorm #CVE-2026-32201 #CVE-2026-33120 #CVE-2026-33825 #CVE-2026-34621 #RyanBraunstein #GoogleChrome #SatnamNarang #TimetoPatch #adobereader #MikeWalters #WillDormann #BlueHammer #Action1 #Automox #Tenable
-
Patch Tuesday, April 2026 Edition
https://krebsonsecurity.com/2026/04/patch-tuesday-april-2026-edition/
#PatchTuesdayApril2026 #SharePointServer #LatestWarnings #TheComingStorm #CVE-2026-32201 #CVE-2026-33120 #CVE-2026-33825 #CVE-2026-34621 #RyanBraunstein #GoogleChrome #SatnamNarang #TimetoPatch #adobereader #MikeWalters #WillDormann #BlueHammer #Action1 #Automox #Tenable
-
Patch Tuesday, April 2026 Edition
https://krebsonsecurity.com/2026/04/patch-tuesday-april-2026-edition/
#PatchTuesdayApril2026 #SharePointServer #LatestWarnings #TheComingStorm #CVE-2026-32201 #CVE-2026-33120 #CVE-2026-33825 #CVE-2026-34621 #RyanBraunstein #GoogleChrome #SatnamNarang #TimetoPatch #adobereader #MikeWalters #WillDormann #BlueHammer #Action1 #Automox #Tenable
-
Patch Tuesday, April 2026 Edition
https://krebsonsecurity.com/2026/04/patch-tuesday-april-2026-edition/
#PatchTuesdayApril2026 #SharePointServer #LatestWarnings #TheComingStorm #CVE-2026-32201 #CVE-2026-33120 #CVE-2026-33825 #CVE-2026-34621 #RyanBraunstein #GoogleChrome #SatnamNarang #TimetoPatch #adobereader #MikeWalters #WillDormann #BlueHammer #Action1 #Automox #Tenable
-
@wdormann Of course Microsoft used their GitHub ownership to remove the repo instead of fixing both problems (the exploit and the video requirement).
-
@wdormann Of course Microsoft used their GitHub ownership to remove the repo instead of fixing both problems (the exploit and the video requirement).
-
BlueHammer abuses Windows Defender's update process to gain SYSTEM access
https://hackingpassion.com/bluehammer-windows-defender-zero-day/
#HackerNews #BlueHammer #WindowsDefender #ZeroDay #Cybersecurity #Vulnerability #HackingNews
-
BlueHammer abuses Windows Defender's update process to gain SYSTEM access
https://hackingpassion.com/bluehammer-windows-defender-zero-day/
#HackerNews #BlueHammer #WindowsDefender #ZeroDay #Cybersecurity #Vulnerability #HackingNews
-
#BlueHammer 0-day Schwachstelle im Windows Defender ermöglicht Systemübernahme.
https://borncity.com/blog/2026/04/09/bluehammer-windows-0-day-schwachstelle/
-
#BlueHammer 0-day Schwachstelle im Windows Defender ermöglicht Systemübernahme.
https://borncity.com/blog/2026/04/09/bluehammer-windows-0-day-schwachstelle/
-
Researcher drops #zeroday exploit, probably because researcher was pi**ed that #Microsoft required to send in a video.
-
Researcher drops #zeroday exploit, probably because researcher was pi**ed that #Microsoft required to send in a video.
-
CW: На днях появился BlueHammer — опубликованный прототип уязвимости нулевого дня в Windows-системах. Позволяет повысить права (привелегии) в системе до уровня учётной записи SYSTEM или расширенных админских.
Уязвимость нулевого дня оказалась опубликована вместе с протипом (примером) использования. Опубликовано человеком (Chaotic Eclipse), которому не удалось сообщить о проблеме через официальные каналы Microsoft, потому что соответствующее подразделение (MSRC) захотело прямо аж видео с подтверждением работоспособности данной уязвимости. Отказываясь иначе вести диалог и принимать информацию к сведению.
Это тот апофеоз тотальной идиотии, который преобладает в Microsoft последние 10+ лет. Ниже расписано более детально по этой теме.
Очередное дно пробито, но это не первый раз, а стабильность — это верный признак мастерства.
Нет такого, что Linux или BSD-системы вдруг стали модными и популярными, это людям приходится уходить с Windows-систем из-за такого качества работы Microsoft.
#bluehammer #microsoft #windows #cve #lang_ru @Russia
RE: https://hub.hubzilla.de/item/fadba136-52e4-46e3-9101-5d8c7b0d61fb -
„#BlueHammer“: #ZeroDay-Lücke in #Windows :windows: verschafft erhöhte Rechte | Security https://www.heise.de/news/BlueHammer-Zero-Day-Luecke-in-Windows-verschafft-erhoehte-Rechte-11246762.html #Microsoft #Exploit #MicrosoftWindows :windows:
-
„#BlueHammer“: #ZeroDay-Lücke in #Windows :windows: verschafft erhöhte Rechte | Security https://www.heise.de/news/BlueHammer-Zero-Day-Luecke-in-Windows-verschafft-erhoehte-Rechte-11246762.html #Microsoft #Exploit #MicrosoftWindows :windows:
-
Windows Users brace for impact!