From the BlueHammer author: New Windows zero-day grants admin rights

The exploit uses an insecure behavior of Windows Defender and a file API to secure system rights. It is still unpatched.

Unpatched Microsoft Defender flaw lets hackers gain admin access

A security researcher has published a working exploit for a Microsoft Defender security flaw that affects Windows 10, 11, and ...
Bleeping Computer

Exploit released for Cisco SSM bug allowing admin password changes

Cisco warns that exploit code is now available for a maximum severity vulnerability that lets attackers change any user password on unpatched Cisco Smart Software Manager On-Prem (Cisco SSM On-Prem) ...
Bleeping Computer

Hackers exploit OttoKit WordPress plugin flaw to add admin accounts

Hackers are exploiting a critical unauthenticated privilege escalation vulnerability in the OttoKit WordPress plugin to create rogue admin accounts on targeted sites. OttoKit (formerly SureTriggers) ...
CoinDesk

Audit admin keys, not just code, expert says after $200 million Drift exploit

Programmable blockchain Solana's SOL token has hit five-week lows after an exploit at one of its largest perpetual decentralized exchange, Drift, underscored that security risks go beyond just smart ...