CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks
ID: e37e0e0d-73de-5431-8296-02a86fe28e72
STIX ID: report--e37e0e0d-73de-5431-8296-02a86fe28e72
Feed Name: Security Affairs
Threat Score
CISA confirms the BlueHammer vulnerability (CVE-2026-33825) is being exploited in real-world ransomware attacks to gain SYSTEM privileges through Microsoft Defender; the flaw and two related zero-days were publicly disclosed by a researcher whose released proof-of-concept code is believed to be used by attackers, and CISA has added BlueHammer to its Known Exploited Vulnerabilities list.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
