惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Application and Cybersecurity Blog
Application and Cybersecurity Blog
A
About on SuperTechFans
S
SegmentFault 最新的问题
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
Help Net Security
Help Net Security
有赞技术团队
有赞技术团队
博客园 - 【当耐特】
O
OpenAI News
美团技术团队
月光博客
月光博客
Apple Machine Learning Research
Apple Machine Learning Research
Schneier on Security
Schneier on Security
Webroot Blog
Webroot Blog
Cyberwarzone
Cyberwarzone
Hacker News - Newest:
Hacker News - Newest: "LLM"
Google Online Security Blog
Google Online Security Blog
T
Tenable Blog
S
Security Affairs
博客园_首页
S
Schneier on Security
Security Latest
Security Latest
T
Threat Research - Cisco Blogs
T
Tailwind CSS Blog
大猫的无限游戏
大猫的无限游戏
Spread Privacy
Spread Privacy
量子位
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
K
Kaspersky official blog
Hugging Face - Blog
Hugging Face - Blog
TaoSecurity Blog
TaoSecurity Blog
博客园 - 聂微东
Vercel News
Vercel News
M
MIT News - Artificial intelligence
T
Troy Hunt's Blog
B
Blog
MongoDB | Blog
MongoDB | Blog
Martin Fowler
Martin Fowler
Attack and Defense Labs
Attack and Defense Labs
L
LINUX DO - 最新话题
D
DataBreaches.Net
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Stack Overflow Blog
Stack Overflow Blog
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
博客园 - Franky
W
WeLiveSecurity
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
F
Fortinet All Blogs
www.infosecurity-magazine.com
www.infosecurity-magazine.com
C
Check Point Blog
H
Hacker News: Front Page

The Register - Special Features

Troops’ phones gave away location data to foreign adversaries Qualcomm picks bad time to pitch a $300 laptop platform AI agents get their own phone directory built atop DNS Carnival confirms ShinyHunters cruised off with 6M customer records after April breach Google engineer accused of turning Year in Search secrets into Polymarket payday Are we human? India's cyber agency sets clock at 12 hours to tackle exploited bugs as AI turns up the heat Broadcom gets early start on WiFi 8 with next-gen wireless routing kit Are we human? Microsoft Excel champ proves he still has the formula Anthropic co-founder hallucinates ghost in the machine Anthropic co-founder hallucinates ghost in the machine NASA plans Moon Base buildout with rovers, drones, cargo landers MyPillow must decide whether to be firm or soft as ransomware crims demand pay Starship shows it can deploy satellites, but Moon mission clock still ticks Huawei's chip law looks less like Moore and more like marketing Experts pour cold borscht on Farage's Russian hack claim Logitech unveils a cushioned mouse for all-day use AI eyes scanning for bugs create a worrisome Linux security trend A Russian speaker and jailbroken Gemini went on a hacking spree and emptied at least one MAGA victim's crypto wallets AI datacenter boom collides with US grid reality Media giant settles for $930k amid user-snooping allegations AT&T sues to ditch Cali copper phone lines to save billions FBI warns of Kali365 as device code phishing soars Techie claims Trump Mobile website was leaking thousands of people's data BOFH: Vibe-coded solutions arrive for problems nobody has Dems slam Trump for making cybersecurity hold out the tin cup while splurging on ballroom and Jan. 6 'slush fund' Google explains how it will infuse ads into AI answers AI is getting pricey, but relief is coming, but not for you Deus ex machina: Half of US Christians trust AI's spiritual advice Attackers spill plaintext passwords of 46k Myspace93 users after 2021 breach Apple adds AI smarts to Voice Control, VoiceOver and Magnifier ahead of Accessibility Day Microsoft open-sources agentic AI safety tools OpenAI wants upfront cash for guaranteed AI capacity Fedora: Microsoft is all aboard, but Deepin is dumped Bye-bye, Gemini CLI; Google nudges devs toward Antigravity Plex appeal fades as Lifetime Pass jumps to $750 AI sackings reach New Zealand, which will use it to eject 14 percent of government staff Anthropic’s Stainless steal tightens grip on AI dev tooling Are we human? Google touts tokenmaxxing, huge capex, and AI agents at I/O America's top cyber-defense agency left a GitHub repo open with with passwords, keys, tokens – and incredibly obvious filenames America's top cyber-defense agency left a GitHub repo open with passwords, keys, tokens – and incredibly obvious filenames Shadow AI invades the workplace, up 4x in the last year Microsoft refreshes Surface for Business lineup, starts AI PC upsell at $1,499 Broadcom finds a VMware customer willing to stick around: London Stock Exchange 468k records allegedly stolen from Portugal’s postal carrier Baidu says the quiet part out loud – you can’t build AI infrastructure, so clouds can cash in Shai-Hulud copycat worm infects yet another npm package Uncle Sam's next big super might not use GPUs Are we human? Datacenters slurping up so much juice they boosted prices 75% in largest US energy market MPs want social media treated more like unsafe toys than harmless apps Cerebras’ wafer-scale AI bet delivers blockbuster IPO Nobody believes the 'criminals and scumbags' who hacked Canvas really deleted stolen student data Anthropic tosses agents into the API billing pool Jen Easterly, cybersecurity's 'relentless optimist,' hopes feds come back to RSAC next year Jen Easterly, cybersecurity's 'relentless optimist' Smooth criminals talking their way into cloud environments, Google says Voice phishing skyrockets as smooth crims talk their way in RSAC 2026: Uncle Sam backs out, AI agents everywhere RSAC 2026: Uncle Sam backs out, AI agents everywhere Decoding Nvidia's Groq-powered LPX and the rest of its new rack systems A closer look at Nvidia's Groq-powered LPX rack systems Nvidia slaps $20B Groq tech into massive new LPX racks to speed AI response time Nvidia slaps Groq into new LPX racks for faster AI response AI Burning Man happens next week – what to expect at Nvidia GTC 2026 Nvidia GTC 2026: What to expect at AI Burning Man Unaccounted-for AI agents are being handed wide access Unaccounted-for AI agents are being handed wide access Google to foist Gemini pane on Chrome users Google to foist Gemini pane on Chrome users Yes, you can build an AI agent – here's how, using LangFlow How to build an AI agent using LangFlow Clawdbot becomes Moltbot, but can’t shed security concerns Clawdbot becomes Moltbot, but can’t shed security concerns Gartner questions if Salesforce AI will stay all-you-can-eat Gartner questions if Salesforce AI will stay all-you-can-eat Claude supports MCP Apps, presents UI within chat window Claude supports MCP Apps, presents UI within chat window Cursor is better at marketing than coding Cursor is better at marketing than coding Feds skipping infosec industry's biggest conference, RSAC AI is rewriting how power flows through the datacenter All aglow about DCs, investors launch $300M at microreactor startup Radiant bags $300M-plus to commercialize its microreactors Why do bit barns keep bumping up our bills, Senators ask DC operators Senate trio questions DC operators over rising energy costs Building the AI factory datacenter Delays? What delays? Oracle insists its $300B cloud contract with OpenAI is on track Oracle insists its $300B contract with OpenAI is on schedule Salesforce willing to lose money on AI to lock in customers Salesforce willing to lose money on AI to lock in customers Galactic Brain space datacenter coming in 2027, pledges startup Aetherflux Galactic Brain space datacenter promised in 2027 Activist groups urge Congress to pause datacenter buildouts Activist groups urge Congress to pause datacenter buildouts Bezos-backed Unconventional AI addresses datacenter power Bezos-backed Unconventional AI addresses datacenter power AWS re:Invent keynote: Matt Garman bores, then thrills
Microsoft's worst 'Nightmare' unleashes BitLocker bypass 0-day
Jessica Lyons Jessica Lyons · 2026-06-12 · via The Register - Special Features

Security

Another day, another Windows exploit code

Nightmare Eclipse, the prolific zero-day vulnerability hunter with an axe to grind against Microsoft, released yet another exploit late Wednesday that the researcher claims will spawn a command prompt that provides total access to the BitLocker volume.

This bug, called GreatXML, was “an accidental discovery,” according to the researcher, who said it only took four hours to find. They claim this exploit (published on GitHub and Git-based code-hosting platforms) can bypass BitLocker on any system that has ever run a Microsoft Defender Offline scan at any point in the past.

GreatXML comes just a day after Nightmare released exploit code for RoguePlanet, which allows local privilege escalation and leads to SYSTEM-level control over an affected machine. This brings the researcher’s zero-day count to eight. The earlier six - RedSun, UnDefend, BlueHammer, YellowKey, GreenPlasma, and MiniPlasma - all have patches as of this week’s Patch Tuesday event. 

Redmond on Wednesday told The Register that it is aware of RoguePlanet, and “actively investigating the validity and potential applicability of these claims.” The Windows giant didn’t immediately respond to our inquiries about GreatXML, including when it planned to issue a patch.

Microsoft has said none of the vulnerabilities were reported via its official channels prior to being made public. The company also banned Nightmare’s earlier GitHub account, and seemingly threatened legal action before dialing back its rhetoric after steep backlash from the security community.

Nightmare Eclipse, who some researchers suggest is an ex-Microsoft employee, harbors a very personal grudge against the Windows giant and its communications with bug hunters. They have promised to keep the zero-days coming, but waffle on the timing. 

Last month, the researcher pledged a big July 14 drop: “I will make sure your bones are shattered that day,” and then added, “nothing will be released this June (or maybe I will release smtg, depending on circumstances).”

On Tuesday, they changed course. “I will be unable to mass disclose zerodays in July 14th, RoguePlanet took way more time than expected and truly drained me. I might take a break but I can't say for sure what I will be doing for next month, maybe it's nothing, maybe it's smtg.”

A day later, Nightmare released the “accidental” GreatXML BitLocker bypass. 

According to the researcher, the BitLocker bypass first requires copying “unattend.xml” and the “Recovery” directory to the root of the recovery partition. The next step is rebooting into WinRE by Shift-clicking Restart. “If everything was done correctly, a shell with unrestricted access to the bitlocker volume will spawn,” Nightmare wrote.

Also, if the scan hasn’t even been initiated on the Windows system, first you’d need to either log in and initiate it, or “figure out a way to boot into WinRE in offline scan state.”

Security sleuth Will Dormann followed Nightmare’s steps to reproduce GreatXML, and said the writeup seems “flawed.” In his testing, Dormann said the command prompt appeared the next time a Defender Offline scan ran.

“And in order to trigger a Microsoft Defender Offline scan, you both need to be logged in to Windows, and also have admin credentials,” he wrote on social media. “And if you've already got that level of access, you can just turn off bitlocker.”

“The writeup for GreatXML suggests that the prerequisite is that Windows Defender Offline has been executed at some point in the past,” Dormann added. “And that after planting two files in WinRE, all you need to do is [Shift]-reboot into WinRE, and Windows will automatically go into Microsoft Defender Offline scan mode. But this is not the case in any of the 3 lineages of Win11 that I have handy.” ®