A newly disclosed zero-day vulnerability, dubbed RedSun, is raising fresh concerns for organizations relying on Microsoft Defender as a core layer of endpoint protection. Early indicators suggest similarities to the recently patched BlueHammer vulnerability (CVE-2026-33825), reinforcing a troubling trend: attackers are increasingly targeting the very tools designed to stop them.