Zero-day exploit bypasses default windows 11 bitlocker encryption

A newly published zero-day exploit allows attackers with physical access to bypass BitLocker encryption on Windows 11 devices in seconds. The attack, named YellowKey, targets the default TPM-only configuration and grants full access to encrypted drives via a simple USB-based method.

The exploit was released earlier this week by a researcher using the alias Nightmare-Eclipse. It works by placing a custom FsTx folder on a USB drive formatted as NTFS or FAT. After connecting the drive and forcing entry into Windows Recovery, the system opens a command prompt with unrestricted access to the drive contents, bypassing the usual BitLocker recovery key requirement.

Makala yanayohusiana

Illustration depicting the Linux CopyFail vulnerability enabling root access exploits alongside Ubuntu's DDoS-induced outage.
Picha iliyoundwa na AI

Linux CopyFail exploit threatens root access amid Ubuntu outage

Imeripotiwa na AI Picha iliyoundwa na AI

A critical Linux vulnerability known as CopyFail, tracked as CVE-2026-31431, allows attackers to gain root access on systems running kernels since 2017. Publicly released exploit code has heightened risks for data centers and personal devices. Ubuntu's infrastructure has been offline for over a day due to a DDoS attack, hampering security communications.

Microsoft has alerted users that hackers are targeting password reset processes to breach accounts. The activity is attributed to the group Storm-2949.

Imeripotiwa na AI

A newly discovered flaw in Trend Micro's Apex One allows hackers to inject malicious code. The zero-day vulnerability is being actively exploited.

Microsoft released its June Patch Tuesday update for Windows 11 on June 10, introducing a low-latency profile and other performance improvements. The update also patches 206 security vulnerabilities.

Imeripotiwa na AI

Trezor has revealed a vulnerability in the TROPIC01 secure element chip used in its Safe 7 hardware wallet. The company said the issue does not put user funds at risk.

Jumamosi, 23. Mwezi wa tano 2026, 01:36:41

Linux kernel flaw lets unprivileged users gain root access

Alhamisi, 7. Mwezi wa tano 2026, 00:48:14

Experts warn Microsoft Phone Link tool exploited by unknown threat

Jumanne, 5. Mwezi wa tano 2026, 12:10:37

Daemon Tools app hit by monthlong supply-chain attack

Jumatano, 22. Mwezi wa nne 2026, 09:46:30

Microsoft patches critical ASP.NET Core vulnerability on macOS and Linux

Alhamisi, 16. Mwezi wa nne 2026, 01:10:06

TotalRecall Reloaded exposes Windows Recall security gap

Tovuti hii inatumia vidakuzi

Tunatumia vidakuzi kwa uchambuzi ili kuboresha tovuti yetu. Soma sera ya faragha yetu kwa maelezo zaidi.
Kataa