
Three Windows Defender zero-days actively exploited after disgruntled researcher publishes PoC code

2026-04-18 07:05

A researcher using the alias "Chaotic Eclipse" published proof-of-concept exploit code for three Windows privilege escalation flaws (BlueHammer, RedSun, and UnDefend) in protest over the Microsoft Security Response Center's handling of disclosures. Huntress Labs confirmed that all three had been used in real attacks by April 17, with BlueHammer (now CVE-2026-33825) used in breaches as early as April 10. BleepingComputer reports that BlueHammer was patched in the April 2026 Patch Tuesday release, while RedSun and UnDefend remain unpatched even on fully updated systems. All three flaws allow local privilege escalation to SYSTEM; they do not provide unauthenticated remote access, but flaws of this kind are routinely chained after an initial compromise.
