Win11 Zero-Days, npm Supply Chain, & AI Agent Security Threats Today's Highlights This week features critical Windows 11 zero-day disclosures with Bitlocker bypass and LPE exploits, a large-scale npm supply chain attack impacting over 170 packages, and new research into malicious AI coding agent skills. These stories highlight the urgent need for robust defensive techniques against sophisticated threats across various tech stacks. Disgruntled researcher drops two new Windows 11 zero-days: Bitlocker bypass (YellowKey) and LPE (GreenPlasma) (r/cybersecurity) Source: https://reddit.com/r/cybersecurity/comments/1tbeako/disgruntled_researcher_who_dropped_bluehammer_and/ This item details the public release of two new Windows 11 zero-day vulnerabilities by a researcher, following previous disclosures. The first, nicknamed "YellowKey," is a Bitlocker bypass, allowing an attacker to circumvent disk encryption protections.…