cd /news/cybersecurity/zero-day-exploit-against-windows-bit… · home topics cybersecurity article
[ARTICLE · art-9120] src=schneier.com ↗ pub= topic=cybersecurity verified=true sentiment=↓ negative

Zero-Day Exploit Against Windows BitLocker

A researcher known as Nightmare-Eclipse published a zero-day exploit named YellowKey that bypasses default Windows 11 BitLocker encryption. The attack requires physical access to the computer and targets the full-volume encryption that relies on a hardware security chip called a TPM. BitLocker is a mandatory security feature for many organizations, including government contractors.

read1 min views25 publishedMay 18, 2026

It’s nasty, but it requires physical access to the computer: The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft provides to make disk contents off-limits to anyone without the decryption key, which is stored in a secured piece of hardware known as a trusted platform module (TPM). BitLocker is a mandatory protection for many organizations, including those that contract with governments...

source & further reading
schneier.com — original article Bernie Sanders’ AI Sovereign Wealth Fund Plan Critical Zcash Vulnerability Found and Fixed Anthropic’s Project Glasswing Update
── more in #cybersecurity 4 stories · sorted by recency
sponsored brought to you by zahid.host 4,200+ EU-deployed projects
reading about agents? ship yours in a single git push.

Run your AI side-project on zahid.host

EU-based hosting, git-push deploys, automatic HTTPS, no cold starts. Free tier with a custom domain — perfect for shipping the agent you just read about.

$git push zahid main
Live at https://your-agent.zahid.host
Get free account → Pricing
from €0/mo · no card required
LIVE [news/zero-day-exploit-aga…] indexed:0 read:1min 2026-05-18 ·