TECH NEWS

Researcher Drops YellowKey, GreenPlasma Windows Zero-Days

A disgruntled security researcher this week publicly disclosed two zero-day vulnerabilities in Windows that enable BitLocker bypass and privilege escalation.

BitLocker, Windows’ built-in full-volume encryption feature, relies on TPM (Trusted Platform Module) to deliver hardware-based security, protecting users’ data from unauthorized access if the device is stolen or lost.

On Tuesday, a cybersecurity researcher known as Chaotic Eclipse and Nightmare Eclipse published proof-of-concept (PoC) code that allows an attacker with physical access to a machine running Windows 11 to bypass BitLocker and gain unrestricted access to the storage volume. The exploit has been dubbed YellowKey.

This is not the first time Chaotic Eclipse has disclosed unpatched vulnerabilities in Microsoft products, and the researcher previously suggested they are displeased with the tech giant’s handling of vulnerability reports.

According to the researcher, the underlying issue for YellowKey is a well-hidden vulnerability without an explicit root cause, and could be a backdoor intentionally...

Copyright of this story solely belongs to securityweek.com. To see the full text click HERE

https://image.theregister.com/257741.jpg?imageId=257741&x=0&y=0&cropw=100&croph=100&panox=0&panoy=0&panow=100&panoh=100&width=1200&height=683

Google Cloud suspended major customer Railway.com without cause, causing outage

This is the service we get when we spend $10m plus? asks automated code deployment outfit PaaS platform Railway says Google temporarily suspended its account on Wednesday without cause, inducing a major outage. Railway automates code deployment by taking a GitHub repo and doing all the work needed to get

https://www.techtarget.com/visuals/LeMagIT/hero_article/Cybersecurity_search_AdobeStock_1884692525-hero.jpg

What CISOs need to know about AI audit logs | TechTarget

AI is reshaping the application landscape, seemingly overnight. A recent Google Cloud survey of 3,466 senior business leaders found 77% of organizations are increasing spending on generative AI, with the vast majority already reporting ROI on at least one GenAI use case. More than half have also deployed agentic

https://assets.bwbx.io/images/users/iqjWHBFdfxIU/iP5Ca8JA715s/v0/1200x800.jpg

Samsung Electronics rejects a labor union-accepted mediation proposal, raising the prospect of a workers' strike; a general work stoppage will proceed on May 21

Sponsor Posts Niantic Spatial: World models need real-world data — Scaniverse is the gateway to spatial services — self-serve and built for AI and robotics. Large-area 3D reconstruction from 360° cameras and precise localization, anywhere machines operate. Protecting your Cloud Applications Data — Backing up Office 365, Google Workspace, Dropbox & Salesforce data

https://cdn1.expresscomputer.in/wp-content/uploads/2026/05/20094746/EC_Dr_Satya_Ramaswamy_CDO_CTO_Air_India_750.jpg

140 systems, 30 AI initiatives, 2-years: Inside Air India’s digital reinvention

As India’s aviation industry is undergoing one of its most ambitious reinventions, Air India’s transformation stands out for its scale, speed, and operational complexity. In less than three years, the airline has modernised more than 140 enterprise systems, migrated to a 100% cloud-native infrastructure, launched award-winning digital consumer

Read more

Google Cloud suspended major customer Railway.com without cause, causing outage

What CISOs need to know about AI audit logs | TechTarget

Samsung Electronics rejects a labor union-accepted mediation proposal, raising the prospect of a workers' strike; a general work stoppage will proceed on May 21

140 systems, 30 AI initiatives, 2-years: Inside Air India’s digital reinvention