Windows BitLocker exploit sparks messy feud between Microsoft and the researcher who exposed it

The issue centers on a zero-day exploit called "YellowKey," published earlier this month by a security researcher known as Chaotic Eclipse, also known online as Nightmare-Eclipse.

Microsoft Exchange hacked, Defender broken, BitLocker bypassed

Microsoft's May Patch Tuesday looked quiet. Since then, there's been an unpatched Exchange CVE, three Defender flaws, and a ...
Ars Technica

Zero-day exploit completely defeats default Windows 11 BitLocker protections

A zero-day exploit circulating online allows people with physical access to a Windows 11 system to bypass default BitLocker protections and gain complete access to an encrypted drive within seconds.
TechSpot

A security researcher says Microsoft secretly built a backdoor into BitLocker, releases an exploit to prove it

The Epitome of WTF: A researcher known as "Nightmare-Eclipse" recently released YellowKey, a security vulnerability that allegedly enables a full bypass of BitLocker's full-volume encryption. The ...
Hosted on MSN

Microsoft patches 120 flaws amid new Windows 11 BitLocker exploit

Large-scale security update: Microsoft rolled out fixes for 120 flaws across Windows, Office, and other services, with 30 rated critical, in one of its biggest Patch Tuesdays. Windows 11 encryption ...
TweakTown

Security researcher finds zero-day exploit that defeats Windows 11 BitLocker, calls it an insane 'backdoor' discovery

Use left and right arrow keys to seek audio. A security researcher going by the alias Nightmare-Eclipse has uncovered a zero-day exploit they describe as one of the most insane discoveries ever, ...
Ars Technica

Zero-day exploit completely defeats default Windows 11 BitLocker protections

You need a modified Windows RE, and it's unclear if it's possible to modify one already on the disk without another exploit. Step 3 in the list should be "enter the windows recovery environment, by ...
The Hacker News

PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation

CVE-2026-0257 is being actively exploited on PAN-OS devices since May 17, 2026, enabling unauthorized VPN access and network exposure.
Bleeping Computer

Windows BitLocker zero-day gives access to protected drives, PoC released

A cybersecurity researcher has published proof-of-concept (PoC) exploits for two unpatched Microsoft Windows vulnerabilities named YellowKey and GreenPlasma, which are a BitLocker bypass and a ...
TechRepublic

Two Unpatched Windows Exploits Target BitLocker, SYSTEM Access

Two unpatched Windows exploit PoCs target BitLocker protections and privilege controls after Microsoft’s May Patch Tuesday security update. Microsoft’s quiet Patch Tuesday did not stay quiet for long.
Windows Central

Microsoft fixes annoying BitLocker lockout — but only for Windows 11, leaving Windows 10 stuck

Windows 11 25H2 users get a BitLocker bug fix, while Windows 10 remains stuck with recovery headaches until Microsoft rolls out a broader solution. When you purchase through links on our site, we may ...