A recent surge in zero-day exploits has put Microsoft Defender under intense scrutiny: three newly discovered vulnerabilities allow attackers to gain elevated access, and two of these flaws remain unpatched [1]. This is particularly concerning given the critical role Microsoft Defender plays in safeguarding systems. Meanwhile, threat actors are leveraging QEMU to create hidden virtual machines, enabling them to stealthily exfiltrate data and disseminate malware. Additionally, a Mirai variant known as Nexcorium is exploiting a flaw in TBK DVR devices to launch devastating DDoS attacks. The discovery of these vulnerabilities underscores the need for prompt action, as the window for patching is rapidly diminishing. For security practitioners, the immediate priority is to assess their organization's exposure to these zero-day exploits in order to mitigate potential damage.
Security Affairs newsletter Round 573 by Pierluigi Paganini – INTERNATIONAL EDITION
⚠️ Critical Alert
Why This Matters
Zero-day activity targeting Microsoft means patching windows are already closing — assess your exposure immediately.
References
- Paganini, P. (2026, April 19). Security Affairs newsletter Round 573 by Pierluigi Paganini – INTERNATIONAL EDITION. *SecurityAffairs*. https://securityaffairs.com/190994/breaking-news/security-affairs-newsletter-round-573-by-pierluigi-paganini-international-edition.html
Original Source
SecurityAffairs