Mystery Microsoft Bug Leaker Keeps the Zero-Days Coming

An anonymous researcher known as Nightmare-Eclipse has released two new Microsoft Windows zero-day vulnerabilities—YellowKey, a BitLocker bypass allowing unrestricted access to encrypted machines via USB, and GreenPlasma, a privilege escalation flaw granting SYSTEM access. Security experts warn these exploits pose serious risks, especially for stolen devices and post-compromise attacks, with no known mitigation currently available for GreenPlasma; this continues an ongoing series of damaging disclosures by the researcher following a claimed breach of trust with Microsoft.

https://www.theregister.com/security/2026/05/13/disgruntled-researcher-releases-two-more-microsoft-zero-days/5239758

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top