Top stories.
- Disgruntled researcher discloses two Windows zero-days.
- UK proposes updates to cybersecurity laws.
- Alleged Dream Market administrator faces charges in Germany and the US.
Disgruntled researcher discloses two Windows zero-days.
An anonymous security researcher known as "Nightmare-Eclipse" released two Windows zero-days just after Microsoft's Patch Tuesday updates, the Register reports. The first vulnerability, dubbed " YellowKey," is a BitLocker bypass that allows an attacker with physical access to obtain root access on a machine. While the need for physical access lessens the scope of the flaw, Rik Ferguson, VP of security intelligence at Forescout, noted, "If [the researcher's claim] holds up, a stolen laptop stops being a hardware problem and becomes a breach notification." The flaw can be mitigated with a BitLocker PIN and a BIOS password lock.
The second vulnerability, dubbed "GreenPlasma," is a privilege escalation flaw that can allow attackers to obtain SYSTEM privileges. The researcher published a proof-of-concept exploit without the code needed to reach SYSTEM.
Nightmare-Eclipse is a disgruntled researcher who appears to be running a retaliatory campaign against Microsoft. The individual disclosed three additional Windows zero-days earlier this year.
UK proposes updates to cybersecurity laws.
The British government yesterday said it would rework its cybercrime laws to protect security researchers from legal ramifications for legitimate work, the Record reports. The UK cyber industry has long warned that the Computer Misuse Act of 1990 was outdated and created uncertainty surrounding vulnerability research, penetration testing, and threat intelligence activities. Proposed reforms to the act were put forward alongside the King's Speech on Wednesday, though specifics haven't been released.
The Record quotes a spokesperson for the CyberUp Campaign as saying, "For years, the Computer Misuse Act (CMA) has left legitimate cyber security professionals and researchers operating under unnecessary legal risk, while hostile actors move faster and with fewer constraints. By including CMA reform in the National Security Bill, the Government has recognised a basic reality: cyber professionals cannot be expected to defend the country with one hand tied behind their backs."
Alleged Dream Market administrator faces charges in Germany and the US.
The US Justice Department has indicted a German citizen, Owe Martin Andresen, for allegedly running the major criminal marketplace "Dream Market" before its shutdown in 2019. Andresen was arrested last week in Germany and is facing parallel charges from the German government. While the criminal market has been inactive for years, Andresen was identified by law enforcement while he was allegedly trying to extract and launder millions of dollars from Dream Market's cryptocurrency wallets.
The Justice Department stated, "On May 7, 2026, in a coordinated effort by both German and U.S. law enforcement, Andresen was arrested on German charges, and his residence and two other locations were searched. During the searches, law enforcement located approximately $1.7 million of gold bars allegedly purchased with Dream Market funds, as well as over $23,000 in cash. Law enforcement also located information identifying several bank accounts and cryptocurrency wallets containing approximately $1.2 million of funds believed to be proceeds of the Dream Market."
