All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Microsoft threatens security researcher with criminal prosecution over public disclosure of Windows vulnerabilities, sparking community backlash

By

Ana Maria Constantin

1d ago· 4 min readenNews
Bagel score 80 of 100
80/100
Golden Brown
Bagelometer

Master baker tier. Every paragraph earns its place on the tray.

Score80TypenewsSentimentnegative

Summary

Microsoft published a blog post criticizing security researcher "Nightmare Eclipse" for publicly disclosing unpatched vulnerabilities (BlueHammer, RedSun, UnDefend, YellowKey) in Windows Defender and BitLocker. Microsoft threatened criminal prosecution via its Digital Crimes Unit, sparking outrage in the cybersecurity community who argue the company had ample time to patch the bugs before disclosure.

Key quotes

· 3 pulled
Microsoft published a blog post on Wednesday criticising a security researcher known as 'Nightmare Eclipse' for publicly disclosing a series of unpatched vulnerabilities in Windows Defender and BitLocker.
The company then invoked its Digital Crimes Unit, which handles criminal referrals and law enforcement coordination.
The cybersecurity community responded with outrage.
Snippet from the RSS feed
Microsoft published a blog post on Wednesday criticising a security researcher known as “Nightmare Eclipse” for publicly disclosing a series of unpatched vulnerabilities in Windows Defender and BitLocker. The company then invoked its Digital Crimes Unit,

You might also wanna read

Anonymous researcher releases two new Windows zero-day exploits after Patch Tuesday

An anonymous security researcher (Nightmare-Eclipse/Chaotic Eclipse) has released two new Windows zero-day exploits — YellowKey (a BitLocker

theregister.com·3d ago

Security researcher publishes YellowKey zero-day exploit that bypasses Microsoft BitLocker encryption via USB stick

Security researcher Chaotic Eclipse (Nightmare-Eclipse) has published two new zero-day exploits targeting Microsoft systems after their prev

tomshardware.com·17d ago

Security researcher claims BitLocker bypass vulnerability may be intentional Microsoft backdoor

A security researcher known as Nightmare-Eclipse has discovered and released YellowKey, a vulnerability that allegedly bypasses Microsoft's

techspot.com·14d ago

Critical Misconfiguration in Microsoft's Internal Applications Exposes Sensitive Data

The article details a security researcher's discovery of a critical misconfiguration in Microsoft's internal applications, which allowed una

research.eye.security·9mo ago

CVE-2025-53136: Microsoft Patches Windows Kernel Information Disclosure Vulnerability Bypassing KASLR

Microsoft patched CVE-2025-53136, a kernel information disclosure vulnerability in Windows NT OS Kernel that allowed leaking kernel base add

crowdfense.com·8mo ago

Microsoft Gave FBI Keys to Unlock Encrypted Data, Exposing Major Privacy Flaw

forbes.com·4mo ago