Nightmare-Eclipse Banned from GitHub and GitLab for Zero-Day Exploits

Nightmare-Eclipse Banned from GitHub and GitLab for Zero-Day Exploits

First seen 27 May 2026, 05:09 UTC CybernewsCybersecuritynewsMicrosoftGbhackersInfosecurity-Magazine+72 87% similarity 68.0

Article Content

Browse articles
ThreatCluster

The anonymous security researcher known as Nightmare-Eclipse has been banned from both GitHub and GitLab due to the release of multiple unpatched Windows vulnerabilities. GitHub terminated the account on May 25, 2026, after the researcher disclosed six exploits, including critical privilege escalation vulnerabilities like BlueHammer and YellowKey. Microsoft accused the researcher of violating coordinated vulnerability disclosure practices, leading to a public feud. Following the GitHub ban, Nightmare-Eclipse moved to GitLab, where they continued to release exploits until being suspended on May 26, 2026. The researcher has threatened further disclosures, claiming Microsoft has left them with no choice. The situation has sparked significant backlash within the cybersecurity community, highlighting tensions between researchers and corporate entities over vulnerability disclosure practices.

Key Points: • Nightmare-Eclipse released multiple unpatched Windows vulnerabilities, including BlueHammer. • GitHub and GitLab both suspended the researcher within a week for disruptive activities. • Microsoft accused the researcher of violating coordinated vulnerability disclosure practices.

ThreatCluster AI

Timeline

2026-04-02
First zero-day exploit released
Nightmare-Eclipse disclosed BlueHammer, a critical privilege escalation exploit for Windows.
Cybernews
2026-05-25
GitHub bans Nightmare-Eclipse
GitHub terminated the account of Nightmare-Eclipse after the researcher released multiple exploits.
Cybernews
2026-05-26
GitLab suspends Nightmare-Eclipse
GitLab suspended the account of Nightmare-Eclipse following the GitHub ban and ongoing exploit releases.
Cybersecuritynews
2026-05-27
Community backlash grows
The actions against Nightmare-Eclipse have sparked significant backlash in the cybersecurity community.
Cybersecuritynews

Community

Browse all →