Cybernews
Nightmare-Eclipse Banned from GitHub and GitLab for Zero-Day Exploits
Ask AI about this cluster
Analyzing cluster data...
Referenced clusters:
Something went wrong. Please try again.
Cluster AI
Ask questions about this threat cluster with AI-powered analysis.
Get Researcher $29.99/moArticle Content
The anonymous security researcher known as Nightmare-Eclipse has been banned from both GitHub and GitLab due to the release of multiple unpatched Windows vulnerabilities. GitHub terminated the account on May 25, 2026, after the researcher disclosed six exploits, including critical privilege escalation vulnerabilities like BlueHammer and YellowKey. Microsoft accused the researcher of violating coordinated vulnerability disclosure practices, leading to a public feud. Following the GitHub ban, Nightmare-Eclipse moved to GitLab, where they continued to release exploits until being suspended on May 26, 2026. The researcher has threatened further disclosures, claiming Microsoft has left them with no choice. The situation has sparked significant backlash within the cybersecurity community, highlighting tensions between researchers and corporate entities over vulnerability disclosure practices.
Key Points: • Nightmare-Eclipse released multiple unpatched Windows vulnerabilities, including BlueHammer. • GitHub and GitLab both suspended the researcher within a week for disruptive activities. • Microsoft accused the researcher of violating coordinated vulnerability disclosure practices.