Another bitlocker vuln from yours truly, now called GreatXML.

Details below are copy pasted from NightmareEclipse readme:

Steps to reproduce:

1. If defender offline scan was initiated in the victim machine at any point then there is no need to login, the machine is automatically vulnerable. You will have to copy "unattend.xml" and "Recovery" directory to the root of the recovery partition then reboot to WinRE using shift + click on restart button, if everything was done correctly, a shell with unrestricted access to the bitlocker volume will spawn.

2 .If defender offline scan was never initiated then you have to either login and initiate it yourself or figure out a way to boot into WinRE in offline scan state (I believe it should be very possible to do so without logging in) and follow steps above.

Source and repo list:

https://deadeclipse666.blogspot.com/2026/06/greatxml-bitlocker-that-seems-to-only.html
https://github.com/MSNightmare/GreatXML

https://git.projectnightcrawler.dev/NightmareEclipse/GreatXML

https://git.churchofmalware.org/Nightmare_Eclipse/GreatXML

#cybersecurity #infosec #nightmareEclipse #greatxml #windows #zeroday #vulnerability #msrc

#NightmareEclipse is back on GitHub and with a new exploit!!

https://github.com/MSNightmare
https://github.com/MSNightmare/RoguePlanet

#GitHub #Tech #Technology #Microsoft #Windows #Security

NightmareEclipse's new Git home

NightmareEclipse | Security Researcher focusing on Microsoft

#NightmareEclipse #RoguePlanet #YellowKey #RedSun #MiniPlasma #YellowKey #BlueHammer #Undefend #GreenPlasma

Locked in heated rivalry with researcher, #Microsoft fixes 0-day they disclosed

Microsoft on Tuesday released fixes for two high-severity zero-days that were disclosed by a researcher who has been locked in a testy beef with the software giant.

#NightmareEclipse , the #pseudonym the researcher goes by, released a handful of high-severity #vulnerabilities in recent months, making them zero-days that had the potential to be #exploited in the wild. The researcher has said the disclosures, which included proof-of-concept code, came after Microsoft reneged on an arrangement the two made regarding vulnerabilities they had discussed.
#security #0day #zeroday

https://arstechnica.com/security/2026/06/locked-in-heated-rivalry-with-researcher-microsoft-fixes-0-day-they-disclosed/

Hey Windows (ab)users! Microsoft patched around 200 vulnerabilities in Windows etc today, a record Patch Tuesday batch. All indications are they fixed two of the zero-days dropped last month by the researcher Nightmare Eclipse, including "Green Plasma" and the "YellowKey" exploit that allowed local access to data encrypted by BitLocker. In response to today's Patch Tuesday, Nightmare Eclipse dropped an exploit for what they claimed was a zero-day bug in Windows Defender.

Nearly three dozen of the bugs patched this month earned Microsoft’s most dire “critical” rating, and exploit code for at least three of the weaknesses is now publicly available.

https://krebsonsecurity.com/2026/06/a-record-breaking-patch-tuesday-for-june-2026/

#patchtuesday #windows #nightmareeclipse #greenplasma #yellowkey

A Record-Breaking Patch Tuesday for June 2026

https://krebsonsecurity.com/2026/06/a-record-breaking-patch-tuesday-for-june-2026/

#InternetInformationServices #NightmareEclipse #VisualStudioCode #LatestWarnings #TheComingStorm #CVE-2026-45586 #CVE-2026-49160 #CVE-2026-50507 #SecurityTools #SatnamNarang #TimetoPatch #AdamBarnett #GreenPlasma #YellowKey #Tenable #Rapid7

Microsoft's Bug Bounty Betrayal Puts Everyone in Danger

In this video I discuss how Microsoft's refusal to pay out on bug bounties is dissolving trust between them and security researchers causing them to no longer take on bug bounties and in some cases just release public exploits for Microsoft's software.

https://www.youtube.com/watch?v=fL9HzADcTsY

#MS #MaliciousSoftware #exploits #NightmareEclipse

We will come to a point where you will make more money exploiting an undisclosed CVE than trying to parley with Microsoft Security Response Center.

https://www.youtube.com/watch?v=9kxx5xp5nTQ

You can make their team moving by simply disclosing publicly.

Or better, you don't use Microsoft products.

#Technology #CyberSecurity #CVE #Programming #Coding #Code #Security #Microsoft #MSRC #GitHub #NightmareEclipse

A major cybersecurity dispute is unfolding: Microsoft is threatening legal action against researcher Nightmare Eclipse for publicly disclosing several unpatched Windows zero-days, including the 'BlueHammer' privilege escalation flaw. Nightmare Eclipse bypassed MSRC's process, citing alleged mistreatment, a sentiment echoed by many in the security community. This heavy-handed approach by…

https://www.tpp.blog/10jni60

#cybersecurity #microsoft #nightmareeclipse

🤖 This post was AI-generated.