A zero-day exploit called RoguePlanet dropped on June 10, 2026, the same day Microsoft rolled out its monthly Patch Tuesday updates. The timing was not a coincidence.
The proof-of-concept code targets a race condition vulnerability in Microsoft Defender, capable of granting SYSTEM-level shell access on fully patched Windows 10 and Windows 11 machines.
Who’s behind it and why it matters
The researcher behind RoguePlanet operates under the aliases Chaotic Eclipse and Nightmare-Eclipse, publishing work through deadeclipse666.blogspot.com and the GitHub account MSNightmare.
RoguePlanet is at least the sixth zero-day proof-of-concept released by the same person since early April 2026. The prior releases include exploits named BlueHammer (assigned CVE-2026-33825), RedSun, UnDefend, YellowKey, GreenPlasma, and MiniPlasma. That’s roughly one new zero-day every ten days across a two-month stretch.
