The IT researcher behind the "NightmareEclipse" project shows new vulnerabilities: "YellowKey" in BitLocker and privilege escalation with "MiniPlasma".

A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed "MiniPlasma" that lets attackers gain SYSTEM privileges on…

MiniPlasma revives a 2020 Windows cldflt.sys flaw, enabling SYSTEM access on May 2026 patched Windows 11 systems.

It’s nasty, but it requires physical access to the computer: The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse.…

Der IT-Forscher hinter dem „NightmareEclipse“-Projekt zeigt neue Lücken: „YellowKey“ in BitLocker und Rechteausweitung mit „MiniPlasma“.

The IT researcher behind the "NightmareEclipse" project shows new vulnerabilities: "YellowKey" in BitLocker and privilege escalation with "MiniPlasma".

YellowKey, GreenPlasma, and MiniPlasma add to growing list of vulns a security researcher has disclosed over the past 6 weeks.

Exploitation requires physical access, so enterprises should look to their device security policies.

Following the release of a BitLocker zero-day security bypass by a disgruntled hacker, Microsoft has now offered mitigation advice until a patch is available.

Microsoft has shared mitigations for YellowKey, a recently disclosed Windows BitLocker zero-day vulnerability that grants access to protected drives.

Microsoft has announced mitigations for CVE-2026-45585, a BitLocker bypass triggered via FsTx in Windows Recovery.