Anonymous13 days ago
Microsoft invoked its Digital Crimes Unit and threatened criminal prosecution against a pseudonymous researcher known as Nightmare Eclipse, who published six Windows zero-day exploits after alleging the company deleted their bug-reporting account and withheld bounty payments. The confrontation has triggered a broad backlash from the cybersecurity community, including the architect of Microsoft's own original bug bounty program, reigniting longstanding debates about who benefits from coordinated vulnerability disclosure and whether legal threats against researchers make users less safe.