logo

CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks

ID: e37e0e0d-73de-5431-8296-02a86fe28e72

STIX ID: report--e37e0e0d-73de-5431-8296-02a86fe28e72

Feed Name: Security Affairs

Threat Score
80/100

Date Published: 2026-07-01

Date Updated: 2026-07-02

Author: Pierluigi Paganini

...
...

CISA confirms the BlueHammer vulnerability (CVE-2026-33825) is being exploited in real-world ransomware attacks to gain SYSTEM privileges through Microsoft Defender; the flaw and two related zero-days were publicly disclosed by a researcher whose released proof-of-concept code is believed to be used by attackers, and CISA has added BlueHammer to its Known Exploited Vulnerabilities list.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.