Microsoft suspends 'Nightmare Eclipse' after posting 0-day exploit code
Microsoft is in hot water after suspending "Nightmare Eclipse," a person using that name who publicly shared code for a 0-day exploit.
The company disabled their accounts on GitHub, GitLab, and even the Microsoft Security Response Center, saying proper reporting rules weren't followed.
Microsoft has hinted at possible legal action, while the move has stirred up questions about how big tech handles vulnerability disclosures.
Kevin Beaumont calls Microsoft's response inconsistent
Cybersecurity expert Kevin Beaumont pointed out that Microsoft's response seems inconsistent: they've hired people who disclosed exploits before and even bought exploits from third-party brokers.
The situation has sparked fresh debate about whether companies are being fair with researchers or just protecting their own interests.