By Jessica Lyons
Publication Date: 2026-05-28 20:19:00
The ongoing saga of Microsoft versus Nightmare Eclipse (aka Chaotic Eclipse), the disgruntled bug hunter with a deep understanding of Windows and an even deeper grudge against Microsoft, reached a fever pitch, with the researcher, who has thus far released six Windows zero-days, promising a “bone shattering” drop on July 14.
Microsoft, for its part, finally responded to the security researcher and their weaponized Windows flaws with a blog post on (un)coordinated vulnerability disclosure about the now-public bugs: RedSun, UnDefend, BlueHammer, YellowKey, GreenPlasma, and MiniPlasma. Redmond says that none of these were reported via its official channels prior to being made public.
Attackers began hammering three of the six – BlueHammer, RedSun, and UnDefend – soon after Nightmare published working proof-of-concept exploit code for each on now-banned GitHub (owned by Microsoft) and GitLab accounts.
YellowKey, GreenPlasma, and MiniPlasma still don’t have…
.webp?ssl=1 "Microsoft Azure Integrates Google’s A2A Protocol for Effortless AI Agent Communication")