Home/Tag/Windows

Windows

10 articles tagged with "Windows"

Vulnerabilities4 min read

Researcher Drops YellowKey BitLocker Bypass, GreenPlasma SYSTEM Exploit

A disgruntled researcher released two unpatched Windows zero-days: YellowKey bypasses BitLocker encryption via USB, while GreenPlasma grants SYSTEM privileges. No patches available yet.

Marcus ChenMay 14, 2026

Vulnerabilities3 min read

Microsoft Fixes 120 Flaws in May Patch Tuesday, 17 Critical

Microsoft's May 2026 Patch Tuesday addresses 120 vulnerabilities including 17 critical RCE flaws. No zero-days, but Word preview pane attacks and Netlogon bugs demand immediate attention.

Marcus ChenMay 13, 2026

Tools5 min read

GhostLock Locks 500K Files in 3 Minutes Without Encryption

A new proof-of-concept tool abuses Windows CreateFileW API to block file access across SMB shares. The technique evades all tested EDR products and requires no elevated privileges.

David OkonkwoMay 12, 2026

Announcements4 min read

Microsoft Defender Flags Legit DigiCert Certs as Trojans

A faulty signature update caused Windows Defender to detect trusted DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha. Microsoft has released a fix, but some users already reinstalled Windows.

ProbablyPwned TeamMay 3, 2026

Vulnerabilities5 min read

APT28 Exploiting Windows Shell Flaw to Steal NTLM Credentials

Russian state hackers weaponize CVE-2026-32202, an incomplete patch for Windows Shell that enables zero-click NTLM hash theft. Microsoft confirms active exploitation after Akamai discovers the bypass.

Marcus ChenApr 28, 2026

Vulnerabilities5 min read

PhantomRPC: Unpatched Windows Flaw Enables SYSTEM Escalation

Kaspersky discloses PhantomRPC, an architectural Windows RPC vulnerability enabling SYSTEM-level privilege escalation across all Windows versions. Microsoft declined to patch despite five exploitation paths.

Marcus ChenApr 27, 2026

Malware4 min read

Kyber Ransomware Deploys Post-Quantum Crypto on Windows

New Kyber ransomware operation uses NIST-standardized Kyber1024 encryption on Windows while targeting VMware ESXi with a separate variant. Rapid7 analysis reveals the ESXi version's claims are false.

James RiveraApr 23, 2026

Vulnerabilities4 min read

RedSun: Second Windows Defender Zero-Day Drops in Two Weeks

Frustrated researcher 'Chaotic Eclipse' releases RedSun, another Windows Defender privilege escalation exploit granting SYSTEM access. Microsoft has not yet patched this second zero-day.

Marcus ChenApr 17, 2026

Vulnerabilities3 min read

BlueHammer: Researcher Leaks Unpatched Windows Zero-Day Exploit

Security researcher releases working proof-of-concept for BlueHammer, an unpatched Windows Defender privilege escalation flaw enabling SYSTEM access via TOCTOU and path confusion vulnerabilities.

Marcus ChenApr 7, 2026

Vulnerabilities4 min read

Microsoft Patches Six Zero-Days in February Patch Tuesday

Microsoft's February 2026 Patch Tuesday fixes 59 flaws including six actively exploited zero-days. CrowdStrike confirmed CVE-2026-21533 was used in attacks targeting US and Canada since December.

Marcus ChenFeb 12, 2026