Skills
Microsoft Threatens Then Backtracks on Nightmare-Eclipse Researcher After Six Windows Zero-Days — Three Already on CISA KEV
On May 28-29 Microsoft's MSRC called Nightmare-Eclipse's exploit disclosures 'never justifiable' and warned its Digital Crimes Unit would pursue cases, triggering massive backlash. Microsoft reversed course, clarifying it has 'no intention to pursue action against security researchers.' Three of the six published zero-days (BlueHammer, RedSun, UnDefend) are already being exploited in the wild.
Source
↳ Follow the thread