Microsoft's crackdown on public zero-days fuels security researcher feud

TL;DR Summary
Microsoft is facing backlash over its handling of zero-day exploits after a security researcher going by Nightmare Eclipse publicly posted exploit code. Microsoft says it plans to file a criminal case for failing to coordinate disclosure and has disabled Nightmare Eclipse's GitHub, GitLab, and MSRC accounts. Security researcher Kevin Beaumont notes that Microsoft has hired people with public zero-day histories and even buys exploits, raising questions about the company’s stance on “responsible disclosure” and highlighting a broader clash between vendors and researchers over vulnerability reporting.
- Microsoft is threatening legal action for disclosing exploits (The Verge)
- Microsoft under fire for threatening security researcher with criminal investigation (TechCrunch)
- Disgruntled 0-day hunter 'humiliated' by Microsoft pledges 'bone shattering drop' as Redmond calls cops (The Register)
- Microsoft fires warning shot at anonymous researcher Nightmare-Eclipse over 6 public zero-days (Cybernews)
- Microsoft Condemns "Uncoordinated" Zero Day Disclosures (Infosecurity Magazine)