A lone Windows expert has dropped six zero-days in quick succession. Three reached active exploitation almost immediately. Now the researcher promises something far bigger on July 14. Microsoft calls the releases unjustifiable. The company has turned to its Digital Crimes Unit and law enforcement. The clash exposes raw tensions in how big tech handles outside bug reports. Nightmare Eclipse, who also posts as Chaotic Eclipse and Dead Eclipse, began releasing proof-of-concept code in early April 2026. The flaws targeted Windows Defender, BitLocker, and local privilege escalation paths. Barracuda Networks detailed the list on May 19 . BlueHammer, tracked as CVE-2026-33825, let attackers jump from user to SYSTEM on Defender. It was later patched yet saw real-world use. RedSun and UnDefend followed similar patterns. YellowKey bypassed BitLocker protections on TPM-only drives. GreenPlasma and MiniPlasma offered additional local elevation techniques. Three of the six remain without fixes.…