Security researcher Nightmare Eclipse, who has shared several zero-day vulnerabilities, had their entire GitHub account and all repositories taken down. They have now moved everything to a new GitLab profile at In a signed message on their blog, they accuse Microsoft of defaming them, mishandling vulnerability reports like CVE-2026-45585, revoking their MSRC access, and quietly patching issues without collaborating. They point to July 14 as an important date when they may release more documents or take things further. The post also mentions two other vulnerabilities called UnDefend (CVE-2026-45498) and RedSun (CVE-2026-41091).

The hacker group Chaotic Eclipse, also known as Nightmare-Eclipse, has released two new Windows exploits called YellowKey and GreenPlasma. >YellowKey bypasses BitLocker encryption on Windows 11 and newer server versions by copying a special folder to a USB drive or the EFI partition and then rebooting while holding certain keys to gain full access to the locked drive. >GreenPlasma lets users gain higher system access through a CTFMON method that affects Windows 11 and some servers, with only part of the code shared as a challenge for others. In a signed blog post, the group warned Microsoft directly that the next Patch Tuesday will have a big surprise for them. They said they have never failed to deliver on a promise, noted their unhappiness with how Microsoft handled their past reports, and chose not to target Defender this time.