Tag

Zero Day

All articles tagged with #zero day

AI Discovers 10,000+ Zero-Days in Glasswing Cyberdefense Initiative
cyber-security · 3 days ago

Anthropic revealed that Glasswing, powered by Claude Mythos Preview, autonomously identified over 10,000 high- and critical-severity zero-day vulnerabilities across critical software in its first month, with more than 50 tech partners including Microsoft, Apple, Google, and Cloudflare. Cloudflare alone found about 2,000 bugs (400 high/critical); Mozilla patched 271 Firefox vulnerabilities, while many disclosures have not been patched upstream, highlighting a severe patch-delivery bottleneck. The findings underscore the need for stronger defenses and faster triage, as Mythos-class models remain restricted to defenders, with Claude Security in public enterprise beta and industry groups rolling out supporting tools to cope with the AI-driven vulnerability deluge.

Microsoft patches Defender zero-days actively exploited in the wild
technology · 4 days ago

Microsoft released patches for two Defender zero-days—CVE-2026-41091 (privilege escalation in Malware Protection Engine) and CVE-2026-45498 (DoS in Antimalware Platform)—to stop active exploits. The updates install automatically by default, but admins should verify the Malware Protection Engine and Antimalware Platform versions are current. CISA added these flaws to its Known Exploited Vulnerabilities catalog and ordered federal agencies to patch by June 3 under BOD 22-01. The piece also notes mitigations for a Windows BitLocker flaw nicknamed YellowKey.

Microsoft Unveils Mitigations for Windows YellowKey Zero-Day
security · 5 days ago

Microsoft released mitigations for the YellowKey Windows BitLocker zero-day (CVE-2026-45585) after a PoC disclosure by Nightmare Eclipse, detailing steps to prevent exploitation—removing the autofstx.exe entry from the Session Manager BootExecute to stop FsTx replay, reestablishing BitLocker trust for WinRE, and enforcing TPM+PIN startup or a startup PIN with TPM on devices (via PowerShell, Intune, or Group Policy)—to block attacks until a patch is available.

Public PoC Unleashes Windows 'MiniPlasma' Privilege-Escalation to SYSTEM
cyber-security-news · 7 days ago

A publicly released PoC for the Windows 'MiniPlasma' zero-day privilege-escalation flaw lets unprivileged users gain SYSTEM privileges by exploiting the Cloud Filter driver’s HsmOsBlockPlaceholderAccess race condition and writing to the .DEFAULT hive. The bug traces to CVE-2020-17103 (originally patched in 2020 by Microsoft) but the PoC shows the flaw remains exploitable; Nightmare-Eclipse released the exploit on GitHub on May 13, 2026, after May Patch Tuesday, increasing risk as weaponized code circulates and affects all Windows versions. Organizations should monitor Microsoft’s response and apply patches when available.

MiniPlasma PoC: New Windows zero-day grants SYSTEM on patched PCs
technology · 8 days ago

A security researcher released a GitHub proof-of-concept for a Windows privilege-escalation zero-day named MiniPlasma, which reportedly lets attackers obtain SYSTEM privileges on patched Windows by abusing the Cloud Filter driver (cldflt.sys) and the HsmOsBlockPlaceholderAccess path; the issue traces to CVE-2020-17103, first reported by Google Project Zero and allegedly fixed in December 2020, though the author claims it remains exploitable. BleepingComputer verified the PoC on Windows 11 Pro with May 2026 updates, while a vulnerability analyst confirmed it works on public builds but not on Canary; the disclosure follows Chaotic Eclipse's ongoing sequence of Windows zero-days and public protest against Microsoft’s handling of bug bounties. Microsoft has not publicly responded to this additional disclosure.

New BitLocker Zero-Days Bypass Encryption and Escalate Privileges on Windows
cyber-security · 10 days ago

Two new unpatched Windows BitLocker zero-days—YellowKey (encryption bypass) and GreenPlasma (privilege escalation)—were disclosed after Patch Tuesday, leaving Windows 11 and Windows Server 2022/2025 exposed. YellowKey exploits the Windows Recovery Environment to bypass full-disk encryption, granting attackers full access to the system drive with physical access; GreenPlasma could enable unauthorized commands via arbitrary memory-section creation, enabling persistence and potential kernel-level access. There is no official patch yet; mitigations include enabling a BitLocker PIN, enforcing robust BIOS passwords, guarding WinRE against tampering, and restricting physical access until Microsoft releases fixes. Windows 10 is not affected.

Zero-Day Bypass Lets Attackers Crack Windows 11 BitLocker TPM in Seconds
technology · 12 days ago

A zero-day named YellowKey bypasses Windows 11’s default TPM-only BitLocker protection by exploiting a crafted FsTx/Transactional NTFS folder on a USB drive, enabling a CMD prompt and full drive access during Windows Recovery without needing the BitLocker key. Microsoft is investigating. The flaw highlights that TPM-only BitLocker may be insufficient security, with experts recommending BIOS passwords and PINs in addition to TPM protections.

Rogue researcher unleashes BitLocker bypass and SYSTEM-level Windows zero-days after Patch Tuesday
security · 12 days ago

After Patch Tuesday, a rogue researcher released a third wave of Windows zero-days, including a BitLocker bypass dubbed 'Yellow key' and a privilege-escalation flaw called 'GreenPlasma' that could grant SYSTEM-level access; the flaws affect Windows 11, Windows Server 2022, and Windows Server 2025, with Windows 10 reportedly unaffected. The exploits are publicly available on GitHub, and the researcher frames the disclosures as a backdoor-style challenge and warns of additional releases.

Chaotic Eclipse leaks PoCs for Windows BitLocker bypass and privilege escalation
technology · 12 days ago

Cybersecurity researcher Chaotic Eclipse has released PoCs for two Windows zero-days, YellowKey (BitLocker bypass) and GreenPlasma (privilege escalation), linked to the Chaotic Eclipse/Nightmare Eclipse set. YellowKey exploits WinRE via specially crafted FsTx files to bypass BitLocker on Windows 11 and Server 2022/2025, potentially affecting TPM-only configurations; GreenPlasma could enable a SYSTEM-level shell, though its PoC is incomplete. The disclosures follow earlier flaws (BlueHammer, RedSun) and ongoing leaks, with Microsoft saying it is investigating and supporting coordinated disclosure as Patch Tuesday nears.

AI-enabled hacking erupts into industrial-scale threat, Google warns
technology · 13 days ago

Google warns that AI-powered hacking has become an industrial-scale threat, with criminal and state-backed actors using commercial AI models (Gemini, Claude, OpenAI tools) to accelerate testing, scale attacks, and exploit near-zero-day flaws; the report notes related developments like OpenClaw experiments and references Mythos as a separate powerful model. Experts caution that AI could aid defense but productivity gains remain uncertain, underscoring the need for long-term, uncertainty-aware evaluation of AI's public-sector impact.

AI-Driven Zero-Day Discovery Linked to 2FA Target, Google Says
cybersecurity · 14 days ago

Google’s Threat Intelligence Group says a prominent cybercrime group used an AI-assisted zero-day in a Python script to target a popular open-source web-based system administration tool, potentially bypassing two-factor authentication; Google and the vendor coordinated a disclosure and patch, noting Gemini was not involved and that the attackers likely leveraged AI to discover and weaponize the flaw, amid broader debates around Mythos hype.

AI-Powered Hacking Emerges, Google's Threat Intel Warns
technology · 14 days ago

Google’s threat intelligence group says unnamed cybercrime actors teamed up to weaponize an AI-generated zero-day in a Python script that could bypass two-factor authentication on a popular open-source system; the attack was thwarted and the vulnerability disclosed to the vendor, highlighting that AI-assisted hacking is already underway as criminals and state actors explore AI to find and exploit software flaws, including malware like PromptSpy that uses Gemini to autonomously navigate Android devices.