Microsoft Faces Backlash Over Criminal Probe Threat Against Security Researcher
Regarding current threat level to the public, Nightmare-Eclipse's GreenPlasma and MiniPlasma exploits have yet to be patched. All four of the other exploits (RedSun, UnDefend, BlueHammer, and YellowKey) have been handled by Microsoft already, but the company is obviously unhappy that its hand was forced on the matter.
There are mixed opinions regarding Nightmare-Eclipse's actions, even from those critical of Microsoft's handling of the situation. Former Microsoft employee Kevin Beaumont quoted by TechCrunch has called the situation "a dumpster fire" of Microsoft's own making and he called the legal threat to posting zero-days "a new low." Beaumont cites a long history of Microsoft hiring researchers publishing zero-days, even those with criminal convictions and one who would "repeatedly talk" about selling exploits to Russia and Iran while working there. He does also points out that he doesn't support Nightmare-Eclipse's actions, stating it "feels weird" and that there's presumably more going on than is known.
Chat, I don't want to be that guy, but I think Microsoft has really pissed off security researchers and we're approaching the tipping point.
— vx-underground (@vxunderground) May 28, 2026
This Eclipse guy has really rocked the boat for Microsoft. pic.twitter.com/y7wOvB2UYh
I find the situation difficult to assess without full disclosure from Nightmare-Eclipse and Microsoft. In my original coverage of RedSun, BlueHammer, and UnDefend, I noted the extreme language used by Nightmare-Eclipse, up to and including allegations Microsoft had knowingly ruined his life and made him homeless after violating an unknown agreement.
But I do find the backlash against Microsoft concerning. "Responsible (coordinated) disclosure" as we know it today only exists thanks to companies like Microsoft paying researchers for finding and privately reporting exploits rather than publicly posting them or selling them to criminals and foreign governments. While Nightmare-Eclipse's motivation is likely out of spite, they're still in line with things that Microsoft and other Big Tech companies would previously hire the responsible party for finding.
In a quote to TechCrunch, former Microsoft employee and Luta Security founder Katie Moussouris outright decries the move from Microsoft as "over the top, and will only result in security researchers distrusting Microsoft, [...] making it less safe for all of us."