Microsoft is hitting back hard against cybersecurity researchers who publish dangerous software flaws before giving companies a chance to fix them. The tech giant is calling for a return to orderly, coordinated reporting, arguing that surprise public announcements leave everyday users completely defenseless against cybercriminals.

This corporate backlash follows a chaotic month during which an independent researcher, known online as Chaotic Eclipse, leaked the blueprints for several unpatched security flaws in Windows. The leaks targeted core systems like Windows Defender and BitLocker. According to the researcher, the sudden decision to dump these secrets online came after Microsoft repeatedly botched their internal communication and mishandled the reporting process.

A Wave of Sudden Exploits Leaves Users at Risk

Microsoft did not hold back its frustration regarding the sudden wave of leaks. Company representatives stated that these recent secret exposures were never shared with their security teams ahead of time. They emphasized that dropping raw vulnerability details directly onto the internet creates massive, unnecessary dangers for millions of customers worldwide.

The software company claims its defense teams have been working non-stop to map out the damage, shield users, and rush out emergency software patches. The leaked flaws—which have been tracked under names like BlueHammer, RedSun, UnDefend, and YellowKey—are not just theoretical problems. Security firms have already confirmed that hackers are actively using at least three of these leaks to break into vulnerable computers right now. Microsoft stressed that publishing functional attack code for unresolved issues gives cybercriminals a massive head start and causes immediate, real-world harm.

Tech Giants Delete the Researcher’s Digital Presence

The battle quickly spilled over into the platforms where developers host their work. Following the high-profile leaks, Microsoft-owned GitHub stepped in and completely deleted the researcher’s profile. In an attempt to keep the information alive, the hacker migrated the attack code over to a rival platform, GitLab. However, that account was also quickly blocked and scrubbed from the internet.

While Microsoft insists it wants to maintain an open dialogue with the hacking community through conferences and reward programs, their aggressive response suggests they are drawing a hard line against rogue disclosures. The tech giant maintains that while disagreements happen, skipping the safety window entirely crosses a line into endangering the public.

The Defiant Hacker Vows Revenge

The researcher tells a vastly different story, painting Microsoft as a corporate bully that ignores help and silences critics. In an angry public statement, Chaotic Eclipse claimed Microsoft refused to communicate honestly, ignored bug reports, and publicly humiliated them.

The hacker revealed that Microsoft had previously deleted the very account used to submit official bug reports, meaning they received absolutely no financial compensation for their assistance. The researcher expressed deep regret for trying to help a company that responded by flagging and wiping out their GitHub presence. Far from backing down, the researcher ended the message with a dramatic warning, promising to release a devastating new batch of secrets on July 14, 2026, that will cause severe damage to the tech company’s reputation and systems.