IOC Radar
TLP:WHITE · 1 IOC

THREAT ADVISORY RedSun Zero-Day (Windows Defender) April 17, 2026

Blackswan Cybersecurity
Published April 17, 2026 · Original Report

Attack Flow (6 steps · MITRE ATT&CK mapped)

Step 1/6: Initial Access (TA0001 · T1190 Exploit Public-Facing Application)
Action: Exploit Defender vulnerability
Attackers leverage a zero-day vulnerability in Microsoft Defender to gain initial access.

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise (1)

Type | Indicator | Confidence | Score | First Seen
CVE | CVE-2026-33825 (exploitintel-blogmalware) | High | 62 | Jun 2, 26

IOC Relationship Graph: 1 total IOC (CVE: 1)