Critical Zero-Days Surface Across Windows BitLocker and Outlook as Ransomware Targets Foxconn

Security researchers have disclosed a pair of unpatched Windows BitLocker vulnerabilities, YellowKey and GreenPlasma, with proof-of-concept code already circulating publicly. The timing of this release coincides with Microsoft's May 2026 Patch Tuesday, which addressed 138 CVEs—including a critical zero-click Outlook flaw, CVE-2026-40361, requiring no user interaction to exploit. The convergence of active proof-of-concept availability and a mass vulnerability remediation cycle signals acute pressure on enterprise patching pipelines.

Foxconn's North American manufacturing operations suffered a documented ransomware attack by the Nitrogen group, with attackers claiming to have exfiltrated 8 terabytes of data. The incident highlights persistent targeting of supply-chain manufacturing infrastructure, where operational disruption and intellectual property theft create compounding leverage for extortion demands. Meanwhile, Google Project Zero publicly demonstrated a complete zero-click exploit chain targeting Pixel 10 devices, underscoring the expanding attack surface in mobile firmware and baseband components. Fortinet and Ivanti issued patches for critical remote code execution and information disclosure flaws in their respective platforms, reinforcing ongoing exposure in network security and endpoint management tooling.

The dual release of BitLocker proof-of-concept exploits raises immediate concern for organizations relying on BitLocker as their primary full-disk encryption mechanism. Combined with the unpatched Outlook vulnerability and active ransomware operations against industrial targets, defenders face a high-velocity patching environment across endpoint, email, and network infrastructure layers simultaneously.