Disgruntled researcher discloses two Windows zero-days.

A security researcher dubbed "Nightmare-Eclipse" published two Windows zero-days—"YellowKey," a BitLocker bypass requiring physical access that can yield root, and "GreenPlasma," a privilege-escalation flaw with a partial proof-of-concept—shortly after Patch Tuesday; the UK plans reforms to protect legitimate security research under the Computer Misuse Act; and German and U.S. authorities arrested and indicted an alleged Dream Market administrator, seizing cash, gold and cryptocurrency-related evidence.