Hackers are selling a critical Windows zero-day exploit for $220,000 on the dark web

The big picture: A cybercriminal is reportedly selling a Windows zero-day exploit on the dark web for $220,000. The vulnerability, which targets Windows Remote Desktop Services, could allow an attacker to gain system-level privileges on compromised PCs. It affects Windows 10, Windows 11, and all Windows Server editions from 2012 through 2025.

According to X user Dark Web Informer, a cybercriminal known as Kamirmassabi recently posted an ad on an underground hacking forum, offering to sell a zero-day exploit for a critical elevation of privilege vulnerability in Windows 10 and 11. The steep $220,000 asking price suggests the exploit is aimed primarily at deep-pocketed state actors or corporate spies.

Tracked as CVE-2026-21533, the vulnerability leverages improper privilege management to grant attackers full administrative control over compromised machines. The bug is remotely exploitable, enabling attackers to execute code, install programs, steal data, modify system settings, and perform any other ...