HARDENED Cybersecurity Intelligence Daily Briefing · Friday, April 24, 2026 · hardened.news
> The signal. Not the noise. — For teams that defend.
Lead Story | Critical — Active Exploitation · Two Unpatched Zero-Days | Enterprise · Cloud+DevOps · IT Ops
Three Windows Defender Zero-Days Confirmed in the Wild — RedSun and UnDefend Have No CVE, No Fix, and Have Been Actively Exploited Since April 16
BlueHammer earned CVE-2026-33825 and an April Patch Tuesday fix. RedSun and UnDefend earned neither — and both have been observed in confirmed hands-on-keyboard attacks against fully updated Windows systems since April 16.
When Hardened flagged BlueHammer in Issue No. 020 (April 14), it was an unpatched local privilege escalation with a public PoC and no assigned CVE. RedSun and UnDefend received an On Our Radar mention in Issue No. 025 (April 21) when exploitation was first confirmed. Today all three warrant full treatment. Microsoft’s April 2026 Patch Tuesday assigned CVE-2026-33825 to BlueHammer and shipped a fix. Three days after that, Chaotic Eclipse — the researcher who found BlueHammer — published two more vulnerabilities in the same product. On April 22, CISA added CVE-2026-33825 to the Known Exploited Vulnerabilities catalog, confirming active exploitation. RedSun and UnDefend have no CVE, no patch, and have been confirmed in active use since April 17.
From a defender’s vantage point, a RedSun attack produces a log entry that looks like routine security work. The exploit targets a Defender behaviour that is working as designed: when Defender quarantines a file tagged as a cloud placeholder, it later performs a privileged write to return that file to its recorded quarantine origin. Defender trusts that origin record. It does not recheck whether the destination path is still accurate at the moment the write executes. An NTFS junction point placed at that destination in the gap between the record being made and the write running redirects the operation to C:\Windows\System32\TieringEngineService.exe. SYSTEM-level access arrives while Defender completes what it logged as a cleanup task. No administrator rights required. No CVE has been assigned. Exploitation confirmed in live attacks since April 16.
UnDefend operates on a slower clock. Any standard user can run it to block Defender from receiving definition updates. Defender continues running and reports a healthy status across every console view. The Security Centre shows green. Definition currency ages while the detection posture quietly narrows. Over days, new malware families fall outside what Defender can identify — with no alert to indicate the gap is opening. In confirmed incidents, UnDefend enters as a second-stage tool: privilege escalation via RedSun or BlueHammer comes first, and UnDefend is deployed before the main follow-on toolchain arrives — ensuring that toolchain lands in an environment where Defender’s coverage has already started to narrow. No CVE has been assigned. No patch is available. Confirmed incidents share a common initial access pattern: compromised SSL-VPN credentials, followed by hands-on-keyboard lateral movement. Affected platforms: Windows 10, Windows 11, and Windows Server 2019 and later.
→ Key Takeaway (Enterprise and IT Ops teams): Apply the April 2026 Patch Tuesday security update for CVE-2026-33825 (BlueHammer) on all Windows 10, Windows 11, and Windows Server 2019+ systems immediately — CISA confirmed active exploitation via KEV addition on April 22. For RedSun and UnDefend, no patch exists; your monitoring posture is the only available control. Watch for: Defender definition age exceeding 24 hours (primary UnDefend indicator), Defender process manipulation events, anomalous NTFS junction creation in system directories, and SSL-VPN login activity followed by lateral movement. UnDefend’s threat is the green health display that stays accurate while coverage narrows — any discrepancy between Defender’s self-reported status and your EDR telemetry is an alert condition, not a display bug. Audit SSL-VPN credential hygiene now; compromised VPN credentials are the documented initial access vector in confirmed incidents. HARDENED does not endorse or recommend specific vendors. Tools are listed for awareness only.
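A detection for the junction indicator named above, written as an added example that is not from the newsletter or from any of the vendors it cites. It assumes PowerShell 5.1 or later with the FileSystem provider, and the scan roots and allow-list are assumptions to tune for your own estate.

```powershell
# Added example (not from the newsletter or any cited vendor): enumerate NTFS
# junctions and symbolic links and flag the shape described in the lead story,
# a link created somewhere writable whose target resolves inside %SystemRoot%.
# Roots and the allow-list are assumptions; the allow-list can start empty,
# since the normal profile junctions ("Application Data" and friends) point
# back under the profile, not under the Windows directory.
param(
    [string[]]$Roots = @("$env:SystemDrive\Users", "$env:ProgramData",
                         "$env:SystemRoot\Temp", "$env:SystemRoot\System32"),
    [string[]]$AllowedLinks = @()   # full paths of links you have reviewed and baselined
)

$links = foreach ($root in $Roots) {
    Get-ChildItem -Path $root -Recurse -Force -Attributes ReparsePoint -ErrorAction SilentlyContinue |
        Where-Object { $_.LinkType -in 'Junction', 'SymbolicLink' } |
        ForEach-Object {
            # Target is string[] on PowerShell 5.1 and string on 7+; normalise both
            # and drop the NT-namespace prefix (\??\) some junction targets carry.
            $target = (@($_.Target) | Select-Object -First 1) -replace '^\\\?\?\\', ''
            [pscustomobject]@{
                Path       = $_.FullName
                LinkType   = $_.LinkType
                Target     = $target
                CreatedUtc = $_.CreationTimeUtc.ToString('o')
                # The RedSun redirect: a privileged write sent into %SystemRoot%.
                TargetInSystemRoot = ($target -like "$env:SystemRoot\*")
                # Any link sitting inside System32 is unusual on its own.
                InsideSystem32     = ($_.FullName -like "$env:SystemRoot\System32\*")
                Allowed            = ($_.FullName -in $AllowedLinks)
            }
        }
}

$suspicious = @($links | Where-Object {
    -not $_.Allowed -and ($_.TargetInSystemRoot -or $_.InsideSystem32)
})

# One JSON line per finding for SIEM ingestion; the non-zero exit code lets a
# scheduled task or monitoring agent raise the alert and page on it.
foreach ($s in $suspicious) { $s | ConvertTo-Json -Compress }
if ($suspicious.Count -gt 0) { exit 1 } else { exit 0 }
```

A recursive walk of C:\Users is slow on hosts with large profiles, so run it on a schedule or narrow $Roots; review each hit and its CreatedUtc against the RedSun exploitation window before adding anything to the allow-list.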
Quick Hits
01
Apple Patches iOS Notification Flaw That Retained Deleted Messages — FBI Used It to Recover Signal Fragments After App Deletion. Update to iOS 26.4.2 or iOS 18.7.8 Now.
On April 22, Apple shipped iOS 26.4.2 and iOS 18.7.8 (for older devices) to fix CVE-2026-28950, a logging issue in Apple’s Notification Services framework. Devices affected by the flaw retained notifications that had been marked for deletion, including message content from apps displaying text in push notifications. The FBI used this gap to recover Signal message fragments from a suspect’s iPhone after the Signal app had been uninstalled — accessing notification content held in Apple’s internal database as part of a 2025 criminal investigation. The flaw is in Apple’s notification framework, not in Signal; any messaging app that renders content in push notifications is affected. For Canadian organizations that treat Signal or encrypted alternatives as a secure channel for sensitive internal communications — legal, HR, security incident response — message content may have persisted in device storage beyond the expected deletion window. Update all iOS and iPadOS devices to iOS 26.4.2 or iOS 18.7.8. If physical device access or legal seizure is a realistic risk in your threat model, review your secure communications policy accordingly.
High — Privacy Flaw · Patch Available | Enterprise · IT Ops
02
Canada’s Cyber Centre Tells Critical Infrastructure: Be Ready to Operate Isolated for Three Months — CIREN Is Active Now
The Canadian Centre for Cyber Security launched the Critical Infrastructure Resilience and Escalated Threat Navigation (CIREN) initiative on April 17, 2026, with direct operational guidance for organizations running Canada’s energy, telecommunications, transportation, and water infrastructure. CIREN’s purpose is preparing those organizations for worst-case scenarios — the CCCS’s characterization of widespread, prolonged cyber disruptions driven by geopolitical instability and AI-accelerated attack capabilities. The three required actions are specific: prepare to isolate critical systems from external networks for up to three months, develop and test response plans for operating without external connectivity, and plan for full system rebuilding after severe incidents. CIREN is operational direction from Canada’s national cybersecurity authority, not a framework recommendation. Canadian critical infrastructure operators should treat CIREN as an active exercise requirement. Full guidance is available at cyber.gc.ca.
Intel — Canadian Guidance | Enterprise · Cloud+DevOps
CVE Watch
CVE-2026-5752 (Terrarium / Cohere AI): CVSS 9.3 Sandbox Escape in the Tool Built to Run LLM-Generated Code — No Patch Coming
Terrarium is Cohere AI’s open-source Python sandbox, built to run untrusted code — including output from large language models — inside a Docker container. CVE-2026-5752 (CVSS 9.3) exploits a scope boundary Terrarium cannot fully enforce. Pyodide runs Python inside a JavaScript environment, and JavaScript object inheritance does not stop at the sandbox wall. Code executing inside the sandbox can navigate the object prototype chain to reach the JavaScript function constructor, and from there to globalThis — Node.js’s global scope. Once at globalThis, require() is accessible. From require(), loading arbitrary system modules is straightforward, and from those modules the path to root command execution inside the Docker container is short. Access to the container’s filesystem follows, along with lateral reach to any other service on the container network. The vulnerability was published April 14, 2026 (GitHub Advisory GHSA-cmpr-pw8g-6q6c). The project is unmaintained — no patch will be published. No confirmed wild exploitation has been reported, but the vulnerability window stays open indefinitely with no patch cadence to close it. If your AI development stack or any LLM-powered application embeds Terrarium for user-provided or AI-generated code execution, replace it with an actively maintained sandboxing alternative now.
Vendor: Cohere AI (Terrarium) · CVE: CVE-2026-5752 · CVSS: 9.3 Critical · Affected: All Terrarium versions · Fix: None — project unmaintained · Exploitation: No confirmed wild exploitation; no patch forthcoming
Compliance Tip of the Day
NIST CSF 2.0 — DE.CM-09 — Detect: Continuous Monitoring
Monitor the Security Tools, Not Just the Threats They Are Supposed to Catch
NIST CSF 2.0 DE.CM-09 requires that computing hardware and software be monitored to find potentially adverse events. Most security teams apply this outward — watching networks, endpoints, and user activity for malicious signals. Today’s lead makes the case for turning that monitoring inward. UnDefend, one of three Windows Defender zero-days confirmed exploited this week, does not trigger an alert. It blocks definition updates while Defender reports healthy in every console view and the Security Centre displays green. The monitoring gap it exploits is common: most teams track threat detections, not the detection capability itself. DE.CM-09 applied to endpoint security means treating AV definition age, engine version currency, and telemetry feed continuity as first-class monitored metrics with threshold alerts — the same operational discipline applied to network latency or failed authentication rates. Concrete action (DE.CM-09): Add Defender definition age to your monitoring dashboard with a 24-hour threshold alert. If definitions have not updated within a day, treat it as an indicator of active interference, not a synchronization delay. Include AV health status in regular security posture reporting alongside patch currency and vulnerability counts. NIST CSF 2.0 reference: nist.gov/cyberframework.
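The DE.CM-09 threshold check described in this tip, and the definition-age indicator in today's lead, as one added example that is not from the newsletter, NIST or Microsoft. It assumes the built-in Defender PowerShell module (Get-MpComputerStatus) is present; the optional reference signature version is a hypothetical input you would supply from your own management console so the check does not rest solely on the endpoint's self-reported timestamp.

```powershell
# Added example (not from the newsletter, NIST or Microsoft): turn Defender
# definition age into a threshold alert, the UnDefend indicator from the lead.
# The 24-hour threshold is the one the tip recommends; the reference version
# is an assumed, operator-supplied value from an independent source.
param(
    [int]$MaxSignatureAgeHours = 24,
    [string]$ReferenceSignatureVersion = ''   # e.g. the newest version your console reports
)

$status   = Get-MpComputerStatus
$now      = Get-Date
$findings = @()

if (-not $status.AntivirusSignatureLastUpdated) {
    $findings += 'No signature update timestamp recorded'
    $ageHours = $null
} else {
    $ageHours = [math]::Round(($now - $status.AntivirusSignatureLastUpdated).TotalHours, 1)
    if ($ageHours -gt $MaxSignatureAgeHours) {
        # The tip's rule: past a day, treat staleness as interference, not a sync delay.
        $findings += "Definitions are $ageHours h old (threshold $MaxSignatureAgeHours h); treat as possible update interference"
    }
}
if (-not $status.AMServiceEnabled)          { $findings += 'Defender service is not enabled' }
if (-not $status.RealTimeProtectionEnabled) { $findings += 'Real-time protection is off' }
if ($ReferenceSignatureVersion -and
    [version]$status.AntivirusSignatureVersion -lt [version]$ReferenceSignatureVersion) {
    $findings += "Installed signature version $($status.AntivirusSignatureVersion) is behind reference $ReferenceSignatureVersion"
}

# Emit one structured record for the dashboard or SIEM. The alert keys on
# definition age and version, so it fires even while the health display is green.
[pscustomobject]@{
    Host                 = $env:COMPUTERNAME
    CheckedAt            = $now.ToString('o')
    SignatureVersion     = $status.AntivirusSignatureVersion
    SignatureLastUpdated = if ($status.AntivirusSignatureLastUpdated) { $status.AntivirusSignatureLastUpdated.ToString('o') } else { $null }
    SignatureAgeHours    = $ageHours
    EngineVersion        = $status.AMEngineVersion
    Alert                = ($findings.Count -gt 0)
    Findings             = $findings
} | ConvertTo-Json -Compress

if ($findings.Count -gt 0) { exit 1 } else { exit 0 }
```

Schedule it hourly and ship the JSON line to the same place as your patch-currency metrics, so definition age sits beside them in posture reporting as the tip suggests.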
HARDENED | This newsletter does not constitute professional security advice. Security configurations and threat landscapes vary by organization. Consult a qualified security professional for implementation guidance specific to your environment.
How we work: HARDENED uses AI agents for research, drafting, and automation. Every issue is reviewed by humans before publication. If you spot an error, reply directly — we correct the record promptly.
Sources: The Hacker News (“Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched”), thehackernews.com · Help Net Security (“Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild”, April 17, 2026), helpnetsecurity.com · CISA Known Exploited Vulnerabilities catalog (CVE-2026-33825, added April 22, 2026), cisa.gov/known-exploited-vulnerabilities-catalog · Microsoft Security Response Center (CVE-2026-33825 advisory), msrc.microsoft.com · SOCRadar (“BlueHammer, RedSun, and UnDefend: Three Windows Defender Zero-Days Exploited in the Wild”), socradar.io · BlackSwan Cybersecurity (RedSun threat advisory, April 17, 2026), blackswan-cybersecurity.com · Cloud Security Alliance Labs (“Microsoft Defender Triple Zero-Day: BlueHammer, RedSun, UnDefend”), labs.cloudsecurityalliance.org · Picus Security (“BlueHammer & RedSun: Windows Defender CVE-2026-33825 Zero-day Vulnerability Explained”), picussecurity.com · Help Net Security (“Apple fixes iPhone bug that let FBI retrieve deleted Signal messages (CVE-2026-28950)”, April 23, 2026), helpnetsecurity.com · The Hacker News (“Apple Patches iOS Flaw That Stored Signal Messages”), thehackernews.com · BleepingComputer (“Apple fixes iOS bug that retained deleted notification data”), bleepingcomputer.com · Canada.ca (“Cyber Centre launches new initiative to help Canada’s critical infrastructure prepare for severe cyber threats”, April 17, 2026), canada.ca · Canadian Centre for Cyber Security (CIREN initiative), cyber.gc.ca · The Hacker News (“Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape”, April 22, 2026), thehackernews.com · GitHub Advisory Database (GHSA-cmpr-pw8g-6q6c, CVE-2026-5752), github.com/advisories · SentinelOne (CVE-2026-5752 vulnerability database), sentinelone.com · NIST CSF 2.0 (DE.CM-09), nist.gov/cyberframework