endpoint-security

Your Antivirus Is Harvesting Passwords Now: BlueHammer Hits CISA KEV

John Z Black Apr 23, 2026

Vulnerabilities & Patching #microsoft #windows-defender #bluehammer #cve-2026-33825 #zero-day #cisa-kev #credential-theft #endpoint-security

The BlueHammer flaw has moved from a research curiosity to an active threat. This Windows Defender zero-day turns your security software into a password harvester by exploiting a race condition to steal credentials. CISA says patch now.

Searching for Tax Forms? Malicious Google Ads Want to Kill Your Antivirus First

John Z Black Mar 25, 2026

Threat Intelligence #malvertising #byovd #screenconnect #edr #tax-season #endpoint-security #huntress

A malvertising campaign running since January targets W2 and W9 searchers with a kill chain that disables endpoint security at the kernel level before installing remote access malware. Your antivirus can't stop it once it's running.

BlackSanta Kills Your EDR Before You Even Know You're Hit — and It's Coming Through HR

John Z Black Mar 11, 2026

Malware #malware #edr #endpoint-security #phishing #hr-security #blacksanta

New malware called BlackSanta disables your endpoint detection, and it's getting in through HR inboxes. That combo is nastier than it sounds.