eclipse

Winsage
June 30, 2026
Chaotic Eclipse, also known as Nightmare-Eclipse, bypassed Windows 11's BitLocker security using a USB stick and claimed Microsoft left a backdoor in the system. Following this, Microsoft patched three zero-day exploits named YellowKey, GreenPlasma, and MiniPlasma. Nightmare-Eclipse then revealed another zero-day vulnerability called RoguePlanet, which affects Microsoft Defender on Windows 10 and 11, potentially allowing attackers full control over compromised systems. Microsoft is tracking this vulnerability as CVE-2026-50656 and is working on a security update. Nightmare-Eclipse provided a proof-of-concept exploit and described it as a race condition with variable success rates. Microsoft has promoted Windows Defender as adequate for most users but acknowledged that third-party tools can offer additional protection. The company initially threatened legal action against Nightmare-Eclipse but later decided not to pursue lawsuits against researchers sharing their findings.
Winsage
June 30, 2026
Security researcher Chaotic Eclipse, known as Nightmare-Eclipse, bypassed Windows 11's BitLocker security using a USB stick and claimed Microsoft intentionally included a backdoor in the feature. Microsoft responded by patching three zero-day exploits disclosed by Nightmare-Eclipse: YellowKey, GreenPlasma, and MiniPlasma, and is monitoring another exploit called RoguePlanet, cataloged as CVE-2026-50656. The RoguePlanet exploit is a race condition with varying success rates on different machines, achieving a 100% success rate on some devices. Microsoft acknowledged that while Windows 11's Defender is generally sufficient for most users, third-party tools can offer additional security features. Tensions between Nightmare-Eclipse and Microsoft have risen, with the company previously considering legal action but now indicating it will not pursue lawsuits against researchers sharing their findings.
Winsage
June 30, 2026
A race condition vulnerability in Windows Defender, known as BlueHammer, has been exploited by the hacker Nightmare Eclipse, allowing attackers to gain SYSTEM user access. Microsoft released a patch for this vulnerability on April 14, but the Cybersecurity and Infrastructure Security Agency (CISA) has flagged it as actively exploited in ransomware campaigns. The average time to apply critical OS patches across Windows 10 and 11 is now 127 days, with enterprise environments averaging 76 days. Estimates suggest that 15% to 26% of Windows 10 machines remain unpatched, with a conservative estimate of 20% translating to one in five machines being vulnerable. Microsoft has extended security updates for Windows 10 until October 14, 2027, but public awareness of the updates remains low.
AppWizard
June 28, 2026
Quantic Dream employees have raised concerns about staffing and project viability for Star Wars: Eclipse, following significant layoffs of 115 employees after the cancellation of their live-service game, Spellcaster Chronicles. Remaining staff believe these layoffs threaten the game's future and staged a strike during a LucasFilm visit to seek support. Employees are frustrated with management's lack of communication with parent company NetEase regarding project resources. They plan further protests, called the “Summer Strike Fest,” to advocate for additional staff needed to complete the game.
AppWizard
June 25, 2026
Warhorse Studios is offering a significant discount on Kingdom Come: Deliverance 2 during the Steam Summer Sale, with the game available for a reduced price and the Royal Edition, which includes three additional DLC story packs, also discounted. PC Gamer rated KCD2 at 90%, calling it a “new RPG classic.” The game features an expansive adventure in a detailed Bohemian landscape, with elements reminiscent of Oblivion and The Witcher 3. Players have noted improvements from the first installment, including a new forge expansion and a monastery questline. A new patch has been released that includes bug fixes and a free quest titled "A Jester's Visit." Players do not need to have played the original game to enjoy the sequel, as KCD2 is designed to be welcoming to newcomers.
Winsage
June 15, 2026
A cybersecurity researcher known as “Nightmare Eclipse” has revealed two zero-day exploits threatening Windows systems: RoguePlanet and GreatXML. RoguePlanet targets Microsoft Defender, allowing attackers to execute privileged actions and gain SYSTEM-level access on Windows machines. It is a local privilege escalation vulnerability that remains effective on fully updated systems. GreatXML claims to bypass BitLocker disk encryption by manipulating the Windows Recovery Environment, potentially granting access to protected files. However, its effectiveness may be overstated, as it might require administrator-level access. Microsoft advises organizations to implement security updates, treat lost or accessible devices as high-risk, enforce stricter policies, and monitor threat intelligence to mitigate exposure to these vulnerabilities.
Winsage
June 12, 2026
Nightmare-Eclipse, also known as Chaotic-Eclipse, has introduced two new exploits: RoguePlanet and GreatXML. RoguePlanet exploits a vulnerability in Windows Defender, allowing attackers to gain SYSTEM user access privileges by tricking a user into executing a script. This access enables attackers to execute commands beyond standard Administrator capabilities, siphon sensitive data, and install malware. GreatXML provides a method for bypassing BitLocker encryption by creating a specially crafted "unattend.xml" file and a "Recovery" directory on the Windows recovery partition. Microsoft has shifted its stance from threatening legal action against Eclipse and is now monitoring the situation, while Eclipse has postponed a planned mass disclosure of zero-day Windows vulnerabilities initially set for July 14 due to delays in developing RoguePlanet.
Winsage
June 11, 2026
Security researcher Chaotic Eclipse has released a Windows BitLocker bypass tool named GreatXML, following a previously disclosed exploit targeting Microsoft Defender. The discovery was made accidentally and took four hours. A critical vulnerability exists for users who have used the Windows Defender Offline Scan feature, making them susceptible to the BitLocker bypass. The exploit involves copying an XML file and a recovery folder to the recovery partition and rebooting into the Windows Recovery Environment (WinRE). If the Defender offline scan was not initiated, users must log in to start it or find a way to boot into WinRE in offline scan state. GreatXML is the second BitLocker bypass tool released by Chaotic Eclipse, following the earlier exploit known as YellowKey (CVE-2026-45585), which has been patched by Microsoft.
Search