Hackers Allegedly Selling Exploit for Windows Remote Desktop Services 0-Day Flaw

A threat actor is allegedly selling a zero-day exploit for a Windows Remote Desktop Services vulnerability (CVE-2026-21533) for $220,000, which allows for privilege escalation to gain local administrative control. This high-severity flaw impacts numerous Windows versions and requires immediate patching and potential disabling of Remote Desktop Services if not essential.