[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fS3dSDDxyS8Ac-60Q_mpZYCNQOr4JriYnUhel9B-xbtA":3},{"article":4,"iocs":54},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":34,"category":35,"article_tags":38},"d2c875c0-332a-4715-a5c5-697652db99f8","‼️ Nightmare-Eclipse has just released two new GitHub repositories... Same user behind RedSun, Un...","nightmare-eclipse-has-just-released-two-new-github-repositories-same-user-behind-7f8fb6","‼️ Nightmare-Eclipse has just released two new GitHub repositories... Same user behind RedSun, UnDefend, BlueHammer\n\nYellowKey: Bitlocker Bypass Vulnerability\nhttps:\u002F\u002Ft.co\u002FMFM7PQ8JX0\n\nGreenPlasma: Windows CTFMON Arbitrary Section Creation Elevation of Privileges Vulnerability https:\u002F\u002Ft.co\u002Fl5lZnERgsZ","A threat actor known as Nightmare-Eclipse, linked to previous malware campaigns RedSun, UnDefend, and BlueHammer, has released two new GitHub repositories containing exploitation tools. YellowKey targets BitLocker encryption bypass, while GreenPlasma exploits a Windows CTFMON vulnerability to achieve arbitrary privilege escalation. The public release of these tools increases their availability to other attackers and poses immediate risk to Windows systems.","Threat actor releases two new exploitation tools: YellowKey (BitLocker bypass) and GreenPlasma (Windows privilege",null,"https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2054229813947211975","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHIIXF4mXIAEavvO.jpg","2026-05-12T15:58:48+00:00","2026-05-12T16:00:11.726451+00:00",8,[18,21,24,26,28,31],{"name":19,"type":20},"Nightmare-Eclipse","threat_actor",{"name":22,"type":23},"RedSun","campaign",{"name":25,"type":23},"UnDefend",{"name":27,"type":23},"BlueHammer",{"name":29,"type":30},"BitLocker","technology",{"name":32,"type":33},"Windows CTFMON","product","89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5",{"id":34,"icon":11,"name":36,"slug":37},"Malware","malware",[39,44,49],{"category":40},{"id":41,"icon":11,"name":42,"slug":43},"02371804-cf6d-4449-98de-f1a2d4d9b266","Tools","tools",{"category":45},{"id":46,"icon":11,"name":47,"slug":48},"80544778-fabb-4dcd-aa35-17492e5dcf4f","Vulnerabilities","vulnerabilities",{"category":50},{"id":51,"icon":11,"name":52,"slug":53},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[55,58,61,63,64],{"type":37,"value":56,"context":57},"YellowKey","BitLocker bypass exploitation tool released by Nightmare-Eclipse",{"type":37,"value":59,"context":60},"GreenPlasma","Windows CTFMON privilege escalation exploitation tool released by Nightmare-Eclipse",{"type":37,"value":22,"context":62},"Previous malware campaign attributed to same threat actor",{"type":37,"value":25,"context":62},{"type":37,"value":27,"context":62}]