PIN Archives

AppWizard

May 23, 2026

I hated multitasking on my Pixel — until I tried Android 17’s app bubbles

Software experience significantly influences smartphone appeal, with Google's Pixel series noted for its seamless interface. The recent Android 17 introduces features like app memory limits, enhanced controls, and improved location transparency, leading to the installation of its beta version on the Google Pixel 10a. A poll on multitasking preferences revealed that 17% prefer split screen, 57% switch between apps, and 27% barely multitask. The introduction of the bubbles feature in Android 17 enhances multitasking by allowing users to pin up to five apps simultaneously, facilitating quick access and seamless transitions between tasks. The user's setup includes Instagram, WhatsApp, Chrome, Slack, and YouTube Music, promoting a balanced work-life integration. The Pixel 10a is characterized by a flush camera design, good performance and battery life, strong cameras, and a promise of excellent software support. It features the Tensor G4 chip, a vibrant 120Hz display, and is priced at .99, with a commitment to seven years of software updates.

Winsage

May 23, 2026

CVE-2026-45585: YellowKey BitLocker Bypass

BitLocker, a security feature for data protection, has a vulnerability identified as CVE-2026-45585, also known as YellowKey, which allows unauthorized access to encrypted data on Windows 11 versions 24H2, 25H2, 26H1, and Windows Server 2025. This flaw does not compromise BitLocker’s encryption but affects the recovery environment supporting it. The vulnerability can be exploited locally through the Windows Recovery Environment (WinRE) by an attacker with physical access, who can trigger an unrestricted shell and access the BitLocker-protected volume. Microsoft has provided two mitigation strategies: modifying the WinRE image to remove the autofstx.exe entry and transitioning from TPM-only protection to a TPM+PIN requirement at startup. The exploit poses challenges for detection, as it occurs pre-boot and currently lacks vendor-published indicators of compromise. Organizations using BitLocker for unattended devices are particularly at risk, as the vulnerability can lead to loss of confidentiality if an attacker gains access before the legitimate user.

Winsage

May 20, 2026

Microsoft shares mitigation for YellowKey Windows zero-day

Microsoft has addressed the YellowKey vulnerability, a zero-day flaw in Windows BitLocker identified as CVE-2026-45585. This vulnerability allows unauthorized access to BitLocker-protected drives through a specific exploitation process involving 'FsTx' files. The flaw was disclosed by an anonymous researcher known as 'Nightmare Eclipse.' Microsoft has released mitigation strategies, including removing the autofstx.exe entry from the Session Manager's BootExecute REGMULTISZ value and reestablishing BitLocker trust for WinRE. Additionally, users are advised to change BitLocker settings from "TPM-only" to "TPM+PIN" mode, requiring a pre-boot PIN for drive decryption, and to enable "Require additional authentication at startup" for unencrypted devices.

Winsage

May 20, 2026

How To Mitigate The Microsoft Windows BitLocker ‘Angry Hacker’ 0-Day

Microsoft is addressing a zero-day exploit known as YellowKey, identified as CVE-2026-45585, which allows attackers to bypass BitLocker security using a specially crafted USB device. Following the release of exploit code by a hacker named Chaotic Eclipse, Microsoft has issued urgent mitigation advice. Cybersecurity expert Neena Sharma recommends treating this as an active threat and suggests implementing compensating controls, such as restricting USB boot access, until a patch is available. Microsoft has provided guidance for users to protect their systems, including the recommendation to add a PIN to BitLocker protection to reduce the risk of exploitation. Detailed instructions for adding a PIN are included in the advisory. YellowKey has not yet been exploited in the wild but requires physical access to the device.

Winsage

May 18, 2026

Switcher 2026: Minimizing the Microsoft in Windows 11 ⭐

Many users of Windows 11 seek to minimize reliance on Microsoft products while still utilizing the operating system's capabilities. This can be achieved through a thoughtful configuration of the system. Two laptops, the Surface Laptop 7 (Windows 11 Pro) and the HP OmniBook 5 (Windows 11 Home), were reset using the "Reset this PC" feature for a clean setup. A local account can be created during the Out of Box Experience (OOBE) by bypassing the online requirement. After connecting to Wi-Fi, updates were installed, and account security was enhanced by adding a password, PIN, and facial recognition. For Windows 11 Pro users, BitLocker can be enabled for disk encryption, while Windows 11 Home users may need to upgrade to Pro for this feature. Unnecessary Microsoft applications, such as OneDrive, OneNote, and Microsoft 365, were uninstalled, and the Start menu was cleaned up. Preferred applications were installed using web-based methods and the Windows Package Manager (winget). A preferred web browser was set as the default, and measures were taken to prevent Microsoft Edge from launching unexpectedly. OneDrive was uninstalled in favor of an alternative cloud storage client, and File Explorer was configured to improve usability. The Copilot key was repurposed to avoid accidental activation, and optional diagnostic data transmission was disabled to enhance privacy. Additional configurations included removing unnecessary taskbar items and adjusting power settings for a more personalized experience.

AppWizard

May 15, 2026

I’m tired of everything getting turned into a roguelite, but I’ll make an exception for pinball

Developers are rapidly creating quick-hit games inspired by various mechanics, with 257 new roguelites released on Steam in the past month. One notable title is Pin-Crawl, which introduces a roguelite twist to pinball gameplay, featuring upgrades that create chaotic effects and unique spells for strategic advantages. Although its visuals may not match those of established titles, it offers innovative gameplay mechanics, including stats, bosses, and meta progression. Pin-Crawl aims to deliver quick, engaging sessions, appealing to players' nostalgia for pinball while blending it with roguelite elements.

Winsage

May 14, 2026

Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation

An anonymous cybersecurity researcher disclosed two new zero-day vulnerabilities affecting Microsoft systems: YellowKey and GreenPlasma. YellowKey is a BitLocker bypass that operates as a backdoor within the Windows Recovery Environment, impacting Windows 11 and Windows Server 2022/2025. Exploiting YellowKey involves copying specially crafted files to a USB drive, connecting it to a Windows computer, and rebooting into WinRE. The researcher expressed skepticism about Microsoft's response time to this vulnerability, noting that using TPM+PIN does not mitigate the risk. GreenPlasma is a privilege escalation vulnerability that allows an unprivileged user to obtain a shell with SYSTEM permissions through arbitrary section creation in Windows CTFMON. The proof-of-concept for this exploit is incomplete but indicates potential manipulation of trusted privileged services or drivers. Additionally, a related attack against BitLocker was detailed by French cybersecurity firm Intrinsec, which exploits a boot manager downgrade using CVE-2025-48804 to bypass encryption protections on fully patched Windows 11 systems. This method allows attackers to boot from a controlled WIM while the boot manager checks the legitimate one, executing with the decrypted BitLocker volume. Despite Microsoft releasing fixes for this defect in July 2025, a flaw in Secure Boot verification allows a vulnerable boot manager to bypass BitLocker safeguards. To mitigate these risks, enabling a BitLocker PIN at startup and migrating to a new boot manager certificate is recommended.

AppWizard

May 14, 2026

Samsung may be working on its most aggressive anti-distraction tool yet

Samsung is developing a feature for One UI 9 called “Network management for concentration,” which aims to help users manage distractions by controlling internet access for specific app categories, including Browser, Game, Social, Streaming, and Other. This feature is found in the hidden Connectivity Labs menu and allows users to restrict internet access without manual intervention. It includes a six-digit PIN system for security, ensuring only authorized users can modify settings, and features a “Downtime” mode to schedule automatic activation of restrictions. The feature is currently in the experimental phase, with its public release uncertain.

Winsage

May 13, 2026

Disgruntled researcher releases two more Microsoft zero-days

An anonymous researcher known as Nightmare-Eclipse has revealed two new vulnerabilities affecting Windows systems, named YellowKey and GreenPlasma, shortly after Microsoft's latest Patch Tuesday update. YellowKey is a "BitLocker bypass" that allows attackers with physical access to gain unrestricted shell access to protected machines. Experts have expressed concerns about YellowKey's potential to transform laptop theft into a serious breach notification scenario, and suggested mitigations such as implementing a BitLocker PIN and a BIOS password lock. Nightmare-Eclipse has also hinted that YellowKey could function as a backdoor allegedly introduced by Microsoft, although this claim remains unsubstantiated. GreenPlasma is a privilege escalation flaw for which partial exploit code has been released, but it currently triggers a User Account Control (UAC) consent prompt, requiring attackers to invest time in weaponizing it. There is no known mitigation for GreenPlasma, making it crucial for organizations to patch their systems promptly once Microsoft addresses the issue. Nightmare-Eclipse has previously disclosed five zero-day vulnerabilities this year, including BlueHammer, and has characterized their actions as a response to a perceived violation of trust. The researcher has indicated the existence of a "dead man's switch," suggesting that more disclosures could follow if their demands are not met.

Winsage

May 13, 2026

Windows BitLocker zero-day gives access to protected drives, PoC released

A cybersecurity researcher known as Chaotic Eclipse has released proof-of-concept exploits for two unpatched vulnerabilities in Microsoft Windows: YellowKey, a BitLocker bypass, and GreenPlasma, a privilege-escalation flaw. The YellowKey vulnerability affects Windows 11 and Windows Server 2022/2025, allowing unauthorized access to BitLocker-protected volumes by exploiting the Windows Recovery Environment. The exploit can be executed using specially crafted 'FsTx' files on a USB drive or directly on the EFI partition. Independent researcher Kevin Beaumont has validated the exploit, which can bypass BitLocker protections even in a Trusted Platform Module (TPM) environment. The GreenPlasma vulnerability allows unprivileged users to create arbitrary memory-section objects, potentially leading to privilege escalation. Chaotic Eclipse has expressed dissatisfaction with Microsoft's handling of bug reports, prompting the public disclosure of these vulnerabilities. Microsoft has stated its commitment to investigating security issues and updating affected devices.