Skip to content
The Nexus
DossierENTITY

Chaotic Eclipse

Coverage of Chaotic Eclipse in the Nexus archive.

Earliest in view: Apr 9 · 20:13 UTCMost recent: Jun 10 · 05:22 UTC
Co-mentioned in this coverage
Recent coverage
  • SECURITYJun 10 · 05:22 UTCTHE HACKER NEWS
    Microsoft Defender RoguePlanet Zero-Day Grants SYSTEM Access on Updated Windows

    A security researcher named Chaotic Eclipse (aka Nightmare-Eclipse) has released a proof-of-concept exploit for a Microsoft Defender zero-day vulnerability called RoguePlanet, which grants SYSTEM access on updated Windows systems. The exploit, a race condition with a reported 100% success rate, was published under the GitHub account MSNightmare.

  • SECURITYMay 28 · 13:53 UTCTHE HACKER NEWS
    Microsoft Slams Public Zero-Day Disclosures Amid GitHub Researcher Account Removal

    Microsoft advocates for Coordinated Vulnerability Disclosure (CVD), urging researchers to share findings with vendors before public disclosure. This follows a researcher, Chaotic Eclipse, disclosing multiple zero-day vulnerabilities, prompting Microsoft's public criticism of uncoordinated disclosures.

  • SECURITYMay 18 · 04:59 UTCTHE HACKER NEWS
    MiniPlasma Windows 0-Day Enables SYSTEM Privilege Escalation on Fully Patched Systems

    Chaotic Eclipse released a proof-of-concept for MiniPlasma, a Windows privilege escalation zero-day flaw that grants attackers SYSTEM privileges on fully patched systems. The vulnerability impacts the Windows Cloud Files Mini Filter Driver, referred to as 'cldflt.sys'. This allows for SYSTEM privilege escalation on fully patched Windows systems.

  • SECURITYMay 14 · 09:25 UTCTHE HACKER NEWS
    Windows Zero-Days Expose BitLocker Bypasses And CTFMON Privilege Escalation

    An anonymous cybersecurity researcher disclosed two zero-day vulnerabilities in Windows, including a BitLocker bypass and a privilege escalation impacting CTFMON. The vulnerabilities have been codenamed YellowKey and GreenPlasma. The researcher, who goes by the alias Chaotic Eclipse, previously disclosed three Microsoft Defender vulnerabilities.

  • SECURITYApr 17 · 13:21 UTCTHE HACKER NEWS
    Three Microsoft Defender Zero-Days Actively Exploited; Two Still Unpatched

    Huntress warns that three zero-day vulnerabilities in Microsoft Defender—BlueHammer, RedSun, and UnDefend—are being actively exploited by threat actors to gain elevated system privileges. Two of these vulnerabilities remain unpatched, posing ongoing security risks.

  • SECURITYApr 16 · 20:19 UTCBLEEPING COMPUTER
    New Microsoft Defender “RedSun” zero-day PoC grants SYSTEM privileges

    A researcher named 'Chaotic Eclipse' has released a proof-of-concept exploit for a Microsoft Defender zero-day vulnerability called 'RedSun,' which grants SYSTEM privileges. The exploit was published as a protest against Microsoft's handling of cybersecurity researchers.

  • SECURITYApr 9 · 20:13 UTCDARK READING
    'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues

    A researcher using the alias 'Chaotic Eclipse' released a PoC exploit for a zero-day vulnerability in Windows, enabling local user system takeover. The incident highlights potential issues with Microsoft's bug disclosure process, as the flaw was undisclosed prior to the exploit's release.

Chaotic Eclipse · Dossier · The Nexus