YellowKey and GreenPlasma: Two New Windows Zero-Days Unveiled
ID: e458d726-0869-5e76-9b80-f68dca5cba97
STIX ID: report--e458d726-0869-5e76-9b80-f68dca5cba97
Feed Name: LevelBlue SpiderLabs Blog
Nightmare-Eclipse publicly released a suite of Windows exploits, including YellowKey (a BitLocker bypass via WinRE and USB) and GreenPlasma (a CTFMON-based local privilege escalation), alongside prior tools (BlueHammer, RedSun, UnDefend). Together, these tools enable physical disk access, SYSTEM escalation, and Defender suppression. They are reportedly being exploited in the wild, posing critical risk to enterprises and regulated organizations and prompting urgent patching, USB/boot hardening, ASR deployment, and IOC-based hunting.
