Retaliatory Zero-Day Exploits Targeting Microsoft Windows, VS Code, and GitHub
Threat actor Chaotic Eclipse has sidestepped the Coordinated Vulnerability Disclosure (CVD) process and publicly released multiple high-impact zero-day exploits through the "exploitarium" GitHub repository. The campaign uses the "MiniPlasma" exploit for Windows kernel-level SYSTEM privilege escalation and the "RoguePlanet" payload to weaponize Microsoft Defender for unauthorized system-level access. Additionally, a one-click vulnerability in Visual Studio Code enables the exfiltration of GitHub authentication tokens when a developer interacts with a malicious link. Together, these exploits enable full host compromise, developer identity theft, and high-risk supply chain attacks against private repositories and CI/CD pipelines. Immediate patching and credential rotation are required.