A security researcher using the "Nightmare Eclipse" handle has released a Windows zero-day exploit dubbed LegacyHive that allows attackers to escalate privileges on up-to-date Windows systems.

LegacyHive is a PoC for a Windows ProfSvc privilege escalation flaw that works after the July 2026 update, but the public build needs extra credential

Experts say it’s a useful post-compromise tool, for those with the brain cells required to put it together