Microsoft · RedSun · YellowKey · Crypto Briefing

Microsoft threatens legal action against researcher Nightmare Eclipse for exploit disclosure

Sat, May 30 · 3:30 PM UTC 2 min read

Compiled by KHAO Editorial — aggregated from 1 source + 10 references discovered via search. See llms.txt for citation guidance.

◌ Single Source

Microsoft threatens legal action against researcher Nightmare Eclipse for exploit disclosure.

The tech giant is weighing criminal charges against a security researcher who dumped six Windows zero-day exploits in six weeks, three of which were exploited in real-world attacks.

Key facts

The vulnerabilities carry names that read like a cyberpunk novel: BlueHammer (CVE-2026-33825), RedSun (CVE-2026-41091), UnDefend (CVE-2026-45498), YellowKey (CVE-2026-45585), GreenPlasma
Nightmare Eclipse’s GitHub account was disabled around May 23, followed by their GitLab account between May 26 and 27
On May 28, 2026, Microsoft published a statement on its MSRC blog emphasizing the importance of coordinated vulnerability disclosure
Nightmare Eclipse has threatened another significant disclosure scheduled for July 14, 2026

Summary

Microsoft’s Digital Crimes Unit is considering criminal action against a security researcher who has been publicly releasing proof-of-concept exploit code for unpatched Windows vulnerabilities. Three of those exploits were confirmed as being used in real-world attacks shortly after going public. The vulnerabilities carry names that read like a cyberpunk novel: BlueHammer (CVE-2026-33825), RedSun (CVE-2026-41091), UnDefend (CVE-2026-45498), YellowKey (CVE-2026-45585), GreenPlasma, and MiniPlasma. Nightmare Eclipse posted the exploit.

Read full article at Crypto Briefing →

#Microsoft #RedSun #YellowKey

Full coverage

Other sources that covered this story, discovered via Google News. 10 unverified additional sources beyond our direct ingest — use these to verify claims, compare framings, or quote specific publications.

Tier 1 — direct ingest

Crypto Briefing May 30 · 15:30 UTC

The tech giant is weighing criminal charges against a security researcher who dumped six Windows zero-day exploits in six weeks, three of which were exploited in real-world attacks.

Tier 3 — covered but not verified (10)

Crypto World News May 30 · 15:50 UTC

Microsoft's legal threats may deter future vulnerability disclosures, risking security research stagnation and increased exploitation risks.

Notebookcheck News May 30 · 13:50 UTC

Microsofts öffentliche Drohung, strafrechtlich gegen den Forscher hinter der Offenlegung von sechs Windows-Zero-Day-Schwachstellen vorzugehen, hat einen Streit über Sicherheitslücken in eine umfassende Gegenreaktion der…

Csoonline.com May 30 · 2:50 UTC

Microsoft and a prominent cybersecurity researcher have gotten into a very public and rather personal exchange of unpleasantries about what responsible cybersecurity disclosures should mean in 2026.

Techplanet.today May 29 · 16:50 UTC

Microsoft's decision to ban a security researcher from GitHub for posting zero-day Windows exploits has ignited a firestorm of debate within the cybersecurity community.

Live Feeds May 29 · 16:50 UTC

A security researcher known as Nightmare Eclipse has ignited a firestorm with Microsoft by publicly disclosing six unpatched Windows vulnerabilities—three of which are already being exploited in real-world attacks—while…

Security Boulevard May 29 · 16:50 UTC

Microsoft’s ongoing dispute with the security researcher that goes by the handle of Nightmare-Eclipse continued to escalate this week, with the researcher being blocked from GitLab just days after Microsoft-owned GitHub…

Zamin.uz May 29 · 16:50 UTC

Microsoft is threatening legal action and law enforcement involvement against a security researcher who published a series of unpatched vulnerabilities and exploit code for its products.

Computerweekly.com May 29 · 16:50 UTC

SFIO CRACHO - stock.adobe.com - Alex Scroxton, Security Editor Microsoft has hit back after a disgruntled security researcher published proof of concept hacks for six zero-day vulnerabilities in its products without…

Techspot.com May 29 · 16:50 UTC partial

Headline only — body unavailable.

Gadget Review May 29 · 16:50 UTC

Dead phone batteries during emergencies are dangerous, but six unpatched Windows exploits actively hunting your enterprise network?