Unbiased AI-powered news
Chaotic Eclipse publicly released proof-of-concept code for YellowKey, a BitLocker encryption bypass, and GreenPlasma, a CTFMON privilege escalation vulnerability. Both exploits were used in active attack campaigns within 24 hours. The disclosures follow the hacker's earlier BlueHammer release in April.
ForbesA hacker known by the monikers Chaotic Eclipse and Nightmare Eclipse publicly disclosed two zero-day exploits named YellowKey and GreenPlasma in synchronization with Microsoft's Patch Tuesday release this month. Microsoft did not patch any in-the-wild vulnerabilities in the update.
Both YellowKey and GreenPlasma exploit proof-of-concept codes were used in active attack campaigns within 24 hours of the public proof-of-concept code being published.
YellowKey is a Windows BitLocker encryption bypass zero-day exploit. GreenPlasma is a Windows CTFMON arbitrary section creation elevation of privileges vulnerability. The day after Microsoft Patch Tuesday is known as Exploit Wednesday.
The disclosures continue a pattern. Chaotic Eclipse publicly released exploit code for a zero-day named BlueHammer in April that turned Microsoft Defender’s update workflow into a credential theft mechanism. The hacker has expressed escalating frustration with the Microsoft Security Response Center.
“Microsoft has chosen to make this worse instead of resolving the situation like adults, they pulled every childish game possible. My patience is running out you're making everyone else paying for it,” Chaotic Eclipse stated. ” The hacker also warned the Microsoft Security Response Center: “Your recent actions made me take the difficult decision to drag other companies into this, be prepared to answer questions.
Next Patch Tuesday will have a big surprise for you, Microsoft. ” Neena Sharma, a cybersecurity specialist at Filigree, advised organizations to assess their exposure immediately, particularly for devices in high-risk physical access scenarios such as field devices and shared workstations.
Because immediate patching is not possible, Sharma suggested implementing compensating controls like restricting USB boot access.
Forbes reported the details of the synchronized disclosures, the prior BlueHammer release, the active exploitation timeline and the expert commentary from Knapp and Sharma.
Single source — no framing comparison available.
ndtv.comMeta removed the tool days after launch following user feedback. The feature had allowed image generation from public Instagram accounts by default.
news.google.comA children's YouTube creator posted on Instagram supporting kindergarteners who wore hijabs to a Minnesota graduation. The post followed a video shared by President Trump showing the children in head coverings.
zerohedge.comApple filed a lawsuit on July 10, 2026, against OpenAI and two ex-employees in U.S. District Court in California. The complaint claims misappropriation of confidential information through poaching and unauthorized access.