AICRIER_2
OPEN FEED
YOU ARE VIEWING ONE ITEM FROM THE AICRIER FEED

Researcher leaks two Windows zero-days

AICrier tracks AI developer news across Product Hunt, GitHub, Hacker News, YouTube, X, arXiv, and more. This page keeps the article you opened front and center while giving you a path into the live feed.

EXPLORE LATEST FEEDSEE FEATURED PICKS

// WHAT AICRIER DOES

7+

TRACKED FEEDS

24/7

SCRAPED FEED

Short summaries, external links, screenshots, relevance scoring, tags, and featured picks for AI builders.

Researcher leaks two Windows zero-days
OPEN LINK ↗
// 26d agoSECURITY INCIDENT

Researcher leaks two Windows zero-days

ANNOUNCEMENTPRODUCTGITHUB

Disgruntled researcher "Nightmare-Eclipse" released unpatched BitLocker bypass and privilege escalation exploits for Windows 11 on GitHub. The leaks are part of an ongoing protest against Microsoft's vulnerability response process and follow the weaponized use of previous disclosures.

// ANALYSIS

This "vigilante disclosure" campaign creates a massive headache for IT admins, as the BitLocker bypass (YellowKey) effectively functions as a physical-access backdoor.

  • YellowKey exploits an undocumented WinRE component to bypass encryption even in TPM+PIN configurations
  • GreenPlasma targets the ctfmon.exe subsystem for local privilege escalation to SYSTEM
  • The researcher's "Patch Tuesday leaks" threat forces Microsoft into a reactive, high-stakes patching cycle
  • Confirmation of real-world weaponization by threat actors underscores the immediate risk of these public PoCs
  • This incident highlights the breakdown in trust between individual researchers and corporate bug bounty programs
// TAGS
microsoftwindowssecuritysafetyinfrastructurebitlockernightmare-eclipse

DISCOVERED

26d ago

2026-05-14

PUBLISHED

26d ago

2026-05-14

RELEVANCE

8/ 10

AUTHOR

e12e