惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

有赞技术团队
有赞技术团队
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
aimingoo的专栏
aimingoo的专栏
IT之家
IT之家
G
Google Developers Blog
爱范儿
爱范儿
博客园 - 司徒正美
Recent Announcements
Recent Announcements
The Register - Security
The Register - Security
J
Java Code Geeks
The Cloudflare Blog
M
MIT News - Artificial intelligence
Apple Machine Learning Research
Apple Machine Learning Research
Microsoft Security Blog
Microsoft Security Blog
博客园 - Franky
雷峰网
雷峰网
酷 壳 – CoolShell
酷 壳 – CoolShell
Blog — PlanetScale
Blog — PlanetScale
Vercel News
Vercel News
宝玉的分享
宝玉的分享
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
B
Blog
小众软件
小众软件
Microsoft Azure Blog
Microsoft Azure Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
WordPress大学
WordPress大学
T
Troy Hunt's Blog
Application and Cybersecurity Blog
Application and Cybersecurity Blog
H
Hacker News: Front Page
H
Help Net Security
S
Security @ Cisco Blogs
V
V2EX
Security Archives - TechRepublic
Security Archives - TechRepublic
Stack Overflow Blog
Stack Overflow Blog
O
OpenAI News
L
LINUX DO - 最新话题
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
S
Secure Thoughts
Help Net Security
Help Net Security
F
Full Disclosure
博客园 - 叶小钗
The Hacker News
The Hacker News
Spread Privacy
Spread Privacy
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Jina AI
Jina AI
K
Kaspersky official blog
www.infosecurity-magazine.com
www.infosecurity-magazine.com
V
Vulnerabilities – Threatpost
P
Privacy International News Feed
Scott Helme
Scott Helme

Consumer Insights

The ransomware negotiator who was working for the other side After years on the run, alleged Ryuk ransomware operator pleads guilty INTERPOL crackdown shows scammers shifting to social media Meta lets strangers remix your public Instagram photos with AI—here’s how to opt out Invited to a "job interview" with Netflix or OpenAI? Beware! Your Google password could be at risk Two arrested over credit card phishing - as the Netherlands is named Europe's worst for payment fraud India pauses WhatsApp username feature over security concerns Alleged teen ransomware hustler faces US charges after arrest in Finland WhatsApp usernames explained: how to reserve yours and stay safe Scammers race to cash in on Venezuelan earthquake disaster USB drives carrying China-linked malware infected Japanese military networks for nearly a year WhatsApp tests new safety prompt before you chat with strangers Social media is worth celebrating. It's also worth protecting. Polish police dismantle SIM-swap gang accused of crypto theft Operation Endgame deals fresh blow to StealC and Amadey malware networks Hacker hijacks Brazil's national alert system, sending "misanthropy" to millions of phones Cybercrime now rivals traditional crime across parts of Asia Apple's Hide My Email tweak leaves privacy fans fuming Americans lost $3.5 billion to imposter scams last year — and the scams are getting harder to spot Scammers have killed the physical Steam Gift cards Crypto investment scam sends couriers to collect victims' cash, FBI warns Maine forced to take down data breach portal after fake notices filed with authorities Privacy own-goal: World Cup blunder leaks Lionel Messi's passport details Why schools remain one of cybercriminals' favourite targets WhatsApp detects new spyware activity from Israel’s NSO Group despite court order Got a LinkedIn message from a recruiter? It might be Chinese intelligence, warn FBI and MI5 Europol cracks down on illegal streaming globally Hackers didn't hack Instagram; they just asked Meta AI FBI Warns Fans About FIFA Scams Ahead of 2026 World Cup Virtual knife, real lawsuit: Counter-Strike skin dispute ends in court As Deepfakes Spread, YouTube Makes AI Labels Harder to Miss Carnival breach exposes data of nearly 6 million people Police arrest man following hack of Ajax football club MyPillow listed on ransomware gang's leak site, but denies it has been breached FBI warns criminals impersonating IT support to breach law firms FBI warns of Kali365 phishing kit that breaks into Microsoft 365 accounts — no password required Telecom Executives Plead Guilty to Tech Support Fraud 7-Eleven data breach exposes data of 185,000 people ASIC Warns Australians About Crypto Trading Scams Google Search AI Mode brings a major overhaul Deleted Google API keys may remain active for 23 minutes Ukrainian police identify perp in $721k infostealer scheme Steam removes horror game after malware steals player data FBI: Crypto ATM Scams Keep Growing as Americans Lose Millions FBI warns students and staff that ShinyHunters may come knocking after Canvas breach Scam Centers Under Pressure as INTERPOL Makes More Arrests FBI Warns Older Adults Lost Billions to Scammers Burst Statistics WordPress flaw under attack Android 17 Will Let Users Verify Whether Their OS Is Legit Suspected Dream Market kingpin arrested after gold bars sent to his home address Apple Fixes ‘Persistent Notifications’ Flaw on Older iPhones Football Ticket Scams Are Rising Fast, Lloyds Bank Warns When ransomware gets physical: cybercriminals turn to threats of violence iPhone-to-Android Texts Are Now Encrypted (RCS Messaging) UK Water Supplier Fined Nearly £1 Million After Hackers Roamed Networks for Almost 2 Years Instagram Drops Encrypted DMs — What This Means for You New fear: Man films woman with smart glasses, seeks money to take video down ClickFix Campaign Uses Compromised WordPress Sites to Spread Vidar Stealer in Australia Inside Department 4: Russia's secret school for hackers Ubuntu’s new AI dreams attracted a very old-fashioned crypto scam on X Chrome 4GB AI model: What weights.bin does Sri Lanka makes 37 arrests as it raids another scam centre DAEMON Tools Lite breach prompts urgent update after malware-laced installer Brits Lost £102 Million to Romance Scams Last Year The Online Safety Act Is Changing the Internet for Kids World Password Day 2026 How Hackers Stole and Sold Roblox Accounts for $250,000 Before Getting Caught Four Years in Prison for Cybersecurity Pros Turned Ransomware Attackers Teenager alleged to be Scattered Spider hacker arrested in Finland, faces US extradition 276 Arrested in Crypto Scam Crackdown Popular WordPress redirect plugin found with years-old backdoor Iran-linked Handala hackers leak US Marines data, send chilling WhatsApp threats Alleged Silk Typhoon hacker extradited to the United States to face charges FTC: Social Media Scams Cost Americans $2.1 Billion in 2025 French police arrest 21-year-old "HexDex" hacker over 100 alleged data breaches iOS Flaw Exposed ‘Deleted’ Signal Messages Sony Starts Enforcing PlayStation Age Verification; UK and Ireland Are First Ransomware ‘Negotiator’ Faces 20 Years in Prison for Allegedly Betraying His Employers You’ve Got Mail and It’s Tracking Your Warship Crypto Investment Scam Costs Woman in Hong Kong Nearly $1 Million Operation PowerOFF warns 75,000 DDoS users Singer loses life savings to fake wallet downloaded from the Apple App Store AgingFly malware targets Ukraine government, hospitals 108 malicious Chrome extensions caught stealing Google and Telegram data from 20,000 users Rockstar Games confirms breach after ShinyHunters leaks stolen analytics data FBI: Cybercrime Losses Hit $21 Billion in 2025, Fueled by AI Life imprisonment for Cambodian scam compound operators - but will it make a difference? Fake Claude Code leak on GitHub spreads Vidar malware Apple Expands ‘DarkSword’ Patch to More iPhones and iPads Nigerian romance scammer jailed after being caught out by fellow fraudster Fake WhatsApp Clone Used in Spyware Campaign, Meta Warns Fake CERT-UA emails spread AGEWHEEZE in ukraine Alleged RedLine malware developer extradited to United States The Scam That Tricks You Into Infecting Your Own Mac Iranian hackers breach FBI director's personal email, and post his CV and photos online Don't Ignore This Security Alert Apple Sent to iPhone Lock Screens Meta and YouTube Designed Addictive Platforms, Jury Finds TikTok Business phishing campaign targets advertisers Lapsus$ claims AstraZeneca breach exposes code and credentials How one man used 10,000 bots to steal $8,000,000 from music artists
BitLocker zero-day exposes Windows drives as PoC goes public
Vlad CONSTANTINESCU · 2026-05-14 · via Consumer Insights

Public exploit code raises fresh concerns over Windows disk encryption and local privilege escalation.

YellowKey targets Windows recovery

A researcher has released proof-of-concept (PoC) exploit code for two unpatched Windows flaws, including a BitLocker bypass that can expose encrypted drives on affected systems.

The BitLocker issue, named YellowKey, was published by a researcher using the monikers Chaotic Eclipse and Nightmare Eclipse. It affects Windows 11 and Windows Server 2022/2025 and relies on Windows Recovery Environment, the mode used to troubleshoot boot problems.

Public reports say the PoC uses crafted FsTx files on removable media, then abuses recovery boot behavior to open a command shell while the protected disk remains accessible. Researchers who have tested the technique confirm it works on recent Windows 11 builds, although not every variant has been reproduced.

Why TPM-only BitLocker is exposed

The risk is most immediate for devices using TPM-only BitLocker, a common setup that automatically unlocks the operating system drive during startup. That convenience makes recovery-time abuse dangerous: the device can decrypt itself before a user proves identity.

Microsoft’s BitLocker guidance says startup PINs and other protectors can add pre-boot authentication for higher-risk devices. However, the researcher claims a separate TPM+PIN path exists that has not been fully disclosed, leaving defenders with an incomplete technical picture.

GreenPlasma raises privilege concerns

The second issue, GreenPlasma, is described as a Windows CTFMON privilege-escalation flaw. Its PoC is not complete, but reportedly shows how an unprivileged user could create arbitrary memory-section objects in locations trusted by privileged components.

This complicates matters because local privilege escalation often turns an initial foothold into machine compromise. Even an unfinished PoC can give attackers enough information to build a working exploit chain, particularly when paired with other access vectors.

Microsoft urges coordinated disclosure

Microsoft said it investigates reported security issues and supports coordinated vulnerability disclosure, which gives vendors time to validate and fix bugs before public release. No patch or CVE for YellowKey or GreenPlasma was available as of the time of publication.

Administrators should review BitLocker policy, prioritize physical security, restrict recovery access, monitor suspicious WinRE use and consider stronger pre-boot protection on laptops and systems holding sensitive data.