Microsoft calls zero-day releases ‘never justifiable’ as researcher threatens to drop more

Friday, May 29, 2026 at 01:33 PM UTC·Source: The Record

Updated: Friday, May 29, 2026 at 02:00 PM UTC

Executive Summary

Each vulnerability was published with working proof-of-concept code to the Microsoft-owned code repository GitHub, making them immediately available to both attackers and security professionals.

Analysis

Each vulnerability was published with working proof-of-concept code to the Microsoft-owned code repository GitHub, making them immediately available to both attackers and security professionals.

Source Attribution

Originally published by The Record on May 29, 2026.

Related Threats

CRITICALZero Day

Android Update Patches Exploited Zero-Day, 123 Other Vulnerabilities

Google says the Android vulnerability CVE-2025-48595 has been exploited in limited, targeted attacks. The post Android Update Patches Exploited Zero-Day, 123 Other Vulnerabilities appeared first on SecurityWeek .

CVE-2025-48595

3h agoSecurityWeek

CRITICALZero Day

Google fixes one actively exploited Android zero-day, 124 flaws

Google has released the June 2026 Android security patches to address 124 vulnerabilities, including one zero-day flaw exploited in targeted attacks. [...]

6h agoBleepingComputer

CRITICALZero Day

Microsoft Threatening Security Researcher

An anonymous security researcher called “Nightmare Eclipse” has been publishing a series of significant security exploits against Microsoft Windows—including one that breaks BitLocker. Microsoft has threatened legal action against the researcher. Lots of recriminations are being traded back and forth.

6h agoSchneier on Security