Last updated: July 5, 2026 at 9:01 AM UTC
Tag: nightmare-eclipse (1 article)

Microsoft denounces uncoordinated zero-day disclosures after Chaotic Eclipse (Nightmare Eclipse) drops 6 CVEs - GitHub and GitLab accounts removed

Microsoft has come out strongly against uncoordinated zero-day disclosures after researcher Chaotic Eclipse (also known as Nightmare-Eclipse) published technical details of six Windows zero-days over the past month, citing a breakdown in Microsoft's disclosure process. The CVEs include BlueHammer (CVE-2026-33825), RedSun (CVE-2026-41091), UnDefend (CVE-2026-45498), YellowKey (CVE-2026-45585), GreenPlasma, and MiniPlasma; BlueHammer, RedSun, and UnDefend are now under active exploitation. GitHub removed the researcher's account; a GitLab re-upload account was also blocked. Microsoft is urging coordinated vulnerability disclosure, but the researcher publicly disputes Microsoft's responsiveness, citing months of waiting for fixes. The incident highlights ongoing friction between solo researchers and large vendor PSIRTs.

Check
Apply the Microsoft patches for BlueHammer (CVE-2026-33825), RedSun (CVE-2026-41091), UnDefend (CVE-2026-45498), and YellowKey (CVE-2026-45585) immediately. Monitor for further leaked PoC code.
Affected
Windows endpoints unpatched against the six Nightmare Eclipse zero-days. Three (BlueHammer, RedSun, UnDefend) are confirmed under active exploitation. GreenPlasma and MiniPlasma also have public details.
Fix
Patch all six CVEs via current Windows updates. Block known exploit-PoC mirrors at egress. Watch GitHub/GitLab for re-uploaded code and add the corresponding hashes to detection rules.