May 28, 2026
Windows drama: ban now, regret later?
GitHub bans security researcher who posted zero-day Windows exploits
Microsoft vs. rogue bug hunter turns ugly as commenters ask: who’s really the bad guy?
TLDR: Microsoft reportedly got a security researcher kicked off GitHub after they published serious Windows flaws, and the company still isn’t explaining why. Commenters are split between calling the researcher unstable and accusing Microsoft of punishing the person exposing dangerous problems instead of fixing them.
This story has all the ingredients of an internet blowup: a talented but explosive security researcher, a giant company saying nothing, and a comment section instantly picking sides. Nightmare-Eclipse says Microsoft got their GitHub account banned after they posted dangerous Windows flaws, and commenters are treating it like a messy public breakup with malware attached. One of the biggest eyebrow-raisers? A reader quickly noticed the researcher’s GitLab page also showed "Blocked user" — which only poured more fuel on the "what on earth happened here?" fire.
The hottest split in the reactions is basically "unstable genius" versus "corporate cover-up." One blunt commenter said the researcher "seems a bit unhinged," echoing the discomfort around the researcher’s threatening blog language. But others were furious at Microsoft’s optics, with one summing it up as "Shoot the messenger. That’ll fix it." Another warned Microsoft may have created its own nightmare: if someone finds serious flaws, gets ignored, gets paid nothing, and then gets banned, what exactly stops them from taking that knowledge elsewhere?
That last point became the thread’s darkest joke and biggest fear. One commenter quipped that with a public trail of major Windows break-ins, the researcher could probably find work with "various spooks" — internet-speak for intelligence agencies. So the community mood is less "problem solved" and more "congratulations, you may have angered the one person holding the matches."
Key Points
- •The article says Microsoft banned security researcher Nightmare-Eclipse from GitHub for unspecified reasons and that the researcher moved to GitLab.
- •The dispute described in the article involves allegations that Microsoft ignored vulnerability reports, removed the reporting account, and did not provide bug-bounty payments.
- •The article states that Eclipse has published six Windows zero-day exploits: BlueHammer, RedSun, UnDefend, GreenPlasma, MiniPlasma, and YellowKey.
- •BlueHammer, RedSun, and UnDefend are described in the article as being under active exploitation in the wild.
- •The article cites William Dormann of Tharros as speculating that changes in MSRC staffing and process may have affected how Microsoft handles vulnerability reports.