Two Microsoft zero-days affecting its Defender antimalware suite are being actively exploited to trigger denial-of-service (DoS) states on unpatched Windows devices. The first flaw, tracked as CVE-2026-41091 (CVSS: 7.8), is a privilege escalation vulnerability impacting the Microsoft Malware Protection Engine versions 1.1.26030.3008 and earlier. This engine provides scanning, detection, and cleaning functions for Microsoft’s native security software. The vulnerability arises from an improper li
dos (2)
Both cyberattacks and cybercrime are increasing driven by the ongoing COVID-19 pandemic and easy money to be made by the cyber actors, who are suspected to be Russians. One of the most damaging of these attacks are Remote Code Execution (RCE), or an Arbitrary Code Execution. RCE attacks can be especially detrimental to corporate and institutional sectors in both North America and the United Kingdom. When someone takes control of another person’s device or computer, it can be dangerous for the
