Microsoft Defender Zero-Day Exploited Before Disclosure — CISA KEV, AI Cloud Attacks, and npm Supply Chain Worm

CISA adds Microsoft Defender zero-day to KEV. Unit 42 Zealot AI agent pwns cloud. CanisterSprawl npm worm self-propagates. Talos Q1 2026 IR data.