The security researcher known as Nightmare-Eclipse has been suspended from both GitLab and GitHub, with the GitHub suspension coming just days earlier. The suspensions come as a result of a controversial zero-day vulnerability campaign against Microsoft.
GitLab’s Recent Suspension
On May 26, 2026, GitLab suspended the account of the researcher Nightmare-Eclipse. This decision follows GitHub’s termination of the same account around May 23. The swift action by GitLab reflects the severity of the situation, as the researcher had been using the platform to replicate content previously hosted on GitHub.
The repositories on GitLab included six exploit tools targeting Windows Defender, extending their availability even after GitHub’s initial ban. This has raised significant concerns within the cybersecurity community regarding the implications for Microsoft’s security systems.
Origins of the Controversy
The campaign by Nightmare-Eclipse began on April 2, 2026, and was reportedly fueled by dissatisfaction with Microsoft’s Security Response Center. The researcher claimed that the center had not adequately responded to security disclosures.
Among the proof-of-concept tools released were BlueHammer, RedSun, and UnDefend. These tools demonstrated vulnerabilities within Windows Defender, including privilege escalation and unaddressed security flaws, which caught the attention of the cybersecurity industry.
Impact and Reactions
Huntress Labs reported the active use of these tools by threat actors as early as April 10, 2026. Attackers used these exploits to elevate privileges and execute malicious activities by disguising them with benign filenames.
Despite some patches issued by Microsoft, not all vulnerabilities have been addressed. The situation has sparked debate over ethical disclosure practices and the responsibilities of both researchers and platforms.
Nightmare-Eclipse has announced plans for a major disclosure event on July 14, 2026, hinting at more revelations to come. This has heightened discussions around platform accountability and the ethical implications of such disclosures.
