windows
Windows BitLocker zero-day gives access to protected drives, PoC released
A cybersecurity researcher has published proof-of-concept (PoC) exploits for two unpatched Microsoft Windows vulnerabilities named YellowKey and GreenPlasma, which are a BitLocker bypass and a privilege-escalation flaw. Known as Chaotic Eclipse or Nightmare Eclipse, the researcher describes the BitLocker bypass issue as functioning like a backdoor because the vulnerable component is present only in the […]
Microsoft fixes BitLocker recovery issue only for Windows 11 users
Microsoft has addressed a known issue causing some Windows 11 systems to boot into BitLocker recovery after installing the April 2026 Windows security updates. BitLocker is a Windows security feature that encrypts storage drives to protect against data theft. It also often activates recovery mode after hardware changes or TPM (Trusted Platform Module) updates, blocking […]
Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026
On the first day of Pwn2Own Berlin 2026, security researchers collected $523,000 in cash awards after exploiting 24 unique zero-days. Today’s highlight was Orange Tsai’s attempt, who was awarded $175,000 in rewards after chaining 4 logic bugs to achieve a sandbox escape on Microsoft Edge. Windows 11 was also hacked three times by Angelboy and TwinkleStar03 (working with the DEVCORE Internship Program), Marcin Wiązowski, […]
Microsoft fixes Windows Autopatch bug installing restricted drivers
Microsoft has fixed a Windows Autopatch bug that caused driver updates restricted by administrative policies to be deployed on some Autopatch-managed Windows devices in the European Union. According to a service alert first spotted by Microsoft MVP Susan Bradley, the issue affected only a limited number of devices running client Windows platforms (i.e., Windows 11 […]
Dell confirms its SupportAssist software causes Windows BSOD crashes
Dell confirmed that its SupportAssist software is causing blue-screen crashes on some Windows systems following a wave of user reports about random reboots affecting Dell devices since Friday. SupportAssist is a software suite developed by Dell that comes pre-installed on most new Dell computers running Windows 10 or Windows 11. A Dell representative told customers […]
Microsoft May 2026 Patch Tuesday fixes 120 flaws, no zero-days
Today is Microsoft’s May 2026 Patch Tuesday, with security updates for 120 flaws and no zero-days disclosed. This Patch Tuesday addresses 17 “Critical” vulnerabilities, 14 of which are remote code execution, 2 are elevation of privilege, and 1 is an information disclosure flaw. The number of bugs in each vulnerability category is listed below: When […]
Windows 11 KB5089549 & KB5087420 cumulative updates released
Microsoft has released Windows 11 KB5089549 and KB5087420 cumulative updates for versions 25H2/24H2 and 23H2 to fix security vulnerabilities, bugs, and add new features. Today’s updates are mandatory as they contain the May 2026 Patch Tuesday security patches for 120 vulnerabilities discovered in previous months. You can install today’s update by going to Start > Settings > Windows Update and clicking on ‘Check for Updates.’ You can also manually download and […]
New GhostLock tool abuses Windows API to block file access
A security researcher has released a proof-of-concept tool named GhostLock that demonstrates how a legitimate Windows file API can be abused in attacks to block access to files stored locally or on SMB network shares. This technique, created by Kim Dvash of Israel Aerospace Industries, abuses the Windows ‘CreateFileW‘ API and file-sharing modes to prevent other users and […]
JDownloader site hacked to replace installers with Python RAT malware
The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows and Linux installers, with the Windows payload found deploying a Python-based remote access trojan. The supply chain attack affects those who downloaded installers from the official website between May 6 and May 7, 2026 via the Windows “Download Alternative […]
Microsoft confirms April Windows updates cause backup failures
Microsoft has confirmed that the April 2026 security updates are causing failures in third-party backup applications using the psmounterex.sys driver. As GeekFeed reported last week, this issue affects software using VSS (Volume Shadow Copy Service) snapshots and causes failures due to a VSS service timeout. Software impacted by this includes, but is not limited to, products from Macrium (Reflect), Acronis (Cyber […]