physical Archives

Winsage

May 23, 2026

CVE-2026-45585: YellowKey BitLocker Bypass

BitLocker, a security feature for data protection, has a vulnerability identified as CVE-2026-45585, also known as YellowKey, which allows unauthorized access to encrypted data on Windows 11 versions 24H2, 25H2, 26H1, and Windows Server 2025. This flaw does not compromise BitLocker’s encryption but affects the recovery environment supporting it. The vulnerability can be exploited locally through the Windows Recovery Environment (WinRE) by an attacker with physical access, who can trigger an unrestricted shell and access the BitLocker-protected volume. Microsoft has provided two mitigation strategies: modifying the WinRE image to remove the autofstx.exe entry and transitioning from TPM-only protection to a TPM+PIN requirement at startup. The exploit poses challenges for detection, as it occurs pre-boot and currently lacks vendor-published indicators of compromise. Organizations using BitLocker for unattended devices are particularly at risk, as the vulnerability can lead to loss of confidentiality if an attacker gains access before the legitimate user.

Winsage

May 22, 2026

Microsoft says public sharing of Windows 11 vulnerability violates ‘best practices’

A security researcher known as Nightmare-Eclipse revealed a vulnerability in Windows 11, named YellowKey, which allows attackers to access BitLocker-encrypted drives through the Windows Recovery Environment. Microsoft acknowledged the vulnerability, assigned it the identifier CVE-2026-45585, and criticized the public sharing of its proof of concept. Currently, there is no patch available for the BitLocker bypass, but physical access to the device provides some protection. The vulnerability does not exist in Windows 10 due to differences in the Windows Recovery Environment. The attack requires a stolen Windows 11 laptop and a USB stick, and the vulnerable filesystems include NTFS, FAT32, and exFAT. Nightmare-Eclipse speculated that the bypass may function as a backdoor, while Microsoft referred to it as a "security feature bypass vulnerability."

Winsage

May 21, 2026

This new Windows app is a quiet, thoughtful Markdown reader that feels great to use

A new Markdown reader called Sefer has been released on the Microsoft Store, designed for a distraction-free reading experience on Windows. It features a clear and elegant rendering of Markdown files, a user-friendly layout, and seamless transitions between light and dark modes. Sefer aims to replicate the experience of reading a physical book with real typography and paper-like themes. It is now available for download, targeting Markdown enthusiasts who appreciate clarity and minimalism in their reading. Markdown is a lightweight markup language used for formatting text efficiently.

AppWizard

May 21, 2026

And Now I’ve Vibe Coded a Native Android Markdown App ⭐

The author developed a Markdown editor using Google AI Studio, initially intending to create a native Android application but ultimately producing a web app. They discovered a feature in Google AI Studio to build an Android app and crafted a prompt for a Markdown editor resembling Typora. The app includes file management, a WYSIWYG editing view, and keyboard shortcuts, with enhancements for hyperlink insertion and theme customization. The author successfully installed the app on a physical device and tested it on different configurations. They noted limitations in the testing capabilities of AI Studio and faced challenges transferring the project to Android Studio due to unclear instructions. The app is functional and feature-rich, but cannot be publicly shared due to the inclusion of a Google API key. Google has indicated that sharing on the Google Play Store will be possible in the future.

Winsage

May 20, 2026

How To Mitigate The Microsoft Windows BitLocker ‘Angry Hacker’ 0-Day

Microsoft is addressing a zero-day exploit known as YellowKey, identified as CVE-2026-45585, which allows attackers to bypass BitLocker security using a specially crafted USB device. Following the release of exploit code by a hacker named Chaotic Eclipse, Microsoft has issued urgent mitigation advice. Cybersecurity expert Neena Sharma recommends treating this as an active threat and suggests implementing compensating controls, such as restricting USB boot access, until a patch is available. Microsoft has provided guidance for users to protect their systems, including the recommendation to add a PIN to BitLocker protection to reduce the risk of exploitation. Detailed instructions for adding a PIN are included in the advisory. YellowKey has not yet been exploited in the wild but requires physical access to the device.

AppWizard

May 20, 2026

Nationwide banking app update ahead of Fairer Share £100 decision

Beginning Thursday, Nationwide customers can conceal payment references on incoming bank transfers within the app. This feature aims to help prevent abusers from using banking systems to maintain unwanted contact and control over survivors. Domestic abuse charities have raised concerns about payment references being used for harassment, with some abusers sending messages or threats through these references. Nationwide's initiative empowers customers to control what is visible in their accounts. Approximately 4.2 million women in the UK have experienced economic abuse, which can include controlling bank accounts and monitoring financial activity. Nationwide's vulnerability support team assisted 312 customers facing abuse in 2025, an increase from 213 the previous year. The organization has also established “safe spaces” in hundreds of branches for domestic abuse support. Campaigners urge other banks to assess how banking features might be exploited by abusers, and Nationwide is considering extending similar functionalities to Virgin Money customers in the future.

AppWizard

May 20, 2026

Lords Of The Fallen II No Longer Epic Games Store Exclusive On PC

CI Games has entered into a separation agreement with Epic Games Publishing, allowing Lords of the Fallen II to be distributed across various PC storefronts instead of being exclusive to the Epic Games Store. CI Games will self-publish the game while PLAION will handle global physical distribution. The game will utilize Unreal Engine 5 and Epic Online Services for features like cross-platform multiplayer and co-op functionalities. Lords of the Fallen II is scheduled to launch later this year for PlayStation 5, Xbox Series X|S, and PC.

BetaBeacon

May 19, 2026

One of the best handheld Zelda games is now (unofficially) available on Android

An unofficial Android port of The Legend of Zelda: The Minish Cap has been released by developer MatheoVignaud.

Winsage

May 18, 2026

Why Your Windows 11 PC Doesn’t Get AI Features

Several hundred million Windows 11 users are experiencing frustrations due to the absence of Microsoft features like Recall and Cocreator, which are only available on Copilot+ PCs. Microsoft has divided Windows 11 into two tiers, with the latest AI functionalities requiring specific hardware known as Copilot+ PC. To qualify, a device must have: - An NPU capable of at least 40 TOPS - A minimum of 16 GB of RAM (DDR5 or LPDDR5) - At least 256 GB of SSD storage - Windows 11 version 24H2 or newer - A processor from specific families: Qualcomm Snapdragon X series, Intel Core Ultra 200V (Lunar Lake), or AMD Ryzen AI 300 series Many PCs lack these features due to missing NPUs, insufficient TOPS ratings, unsupported processor generations, outdated Windows versions, rollout delays, or regional limits. Features locked behind Copilot+ include Recall, Click to Do, Cocreator in Paint, Windows Studio Effects, Live Captions with Translation, Improved Windows Search, and Auto Super Resolution. To check for Copilot+ compatibility, users can verify the presence of an NPU in Task Manager, ensure they have Windows 11 version 24H2 or newer, and confirm their processor against the approved list. While some workarounds exist to enable features on unsupported PCs, they are often unstable and not recommended for primary use. Most users may not need to upgrade their laptops unless they require on-device AI features or their current device is significantly outdated. The AI feature gap is not currently critical for most users, as many features are optional or not essential.

AppWizard

May 17, 2026

Capcom Games Sell More on PC Than on Consoles, and Almost All Sales Are Digital

Capcom's PC sales surpassed console sales for the third consecutive year, with 32.17 million copies sold on PC compared to 22.76 million on consoles during the 2025 fiscal year, which ended on March 31. The company sold nearly 60 million games, exceeding expectations by five million copies. In 2022, PC sales accounted for 52% of Capcom's total game sales. Capcom's success is attributed to strategic pricing, including discounts and promotions for PC gamers. The company also incorporates generative AI for tasks like error checking and data analysis in game development.