THREATNOIR
Subscribe
Back to Feed
Zero-dayMay 16, 2026

Another Windows zero day released by Nightmare Eclipse (sort of) It turns out Microsoft just str...

Microsoft failed to properly patch 2020 Windows CVE, allowing Nightmare Eclipse exploitation.

Read at source

Summary

A Windows zero-day vulnerability has been exploited by the Nightmare Eclipse threat actor, stemming from Microsoft's incomplete patching of a CVE originally disclosed in 2020. The flaw remained unresolved despite prior remediation attempts, allowing attackers to leverage the unpatched weakness for active exploitation.

Entities

Microsoft (vendor)Windows (product)Nightmare Eclipse (threat_actor)