Tn0.putty P8DocsCybersecurity
Related
10 Shocking Facts About Fake Call Log Apps That Stole Millions from Android UsersHow Law Enforcement Identifies and Apprehends Ransomware Kingpins: The Case of UNKNCritical SQL Injection Flaw in LiteLLM Exploited Within 36 Hours of DisclosureWeekly Cyber Threat Roundup: May 18 Edition – Major Breaches, AI-Driven Attacks, and Critical Unpatched FlawsBrazilian DDoS Protection Firm's Infrastructure Turned Against ISPs: A Q&A7 Key Revelations from LayerZero's Kelp Bridge Exploit ReportCanvas LMS Disrupted by Cyberattack During Critical Finals PeriodMastering Chrome 148 Security Update: A Complete Guide to Patching 79 Vulnerabilities

Pwn2Own Berlin 2026: Hackers Expose Critical Zero-Days in Windows 11, Exchange, and Red Hat Linux on Day Two

Last updated: 2026-05-15 20:10:32 · Cybersecurity

Day Two of Pwn2Own Berlin 2026 Delivers Major Security Revelations

Competitors at Pwn2Own Berlin 2026 have collectively earned $385,750 in cash prizes after successfully exploiting 15 unique zero-day vulnerabilities during the second day of the event. The targeted software includes Microsoft Windows 11, Microsoft Exchange, and Red Hat Enterprise Linux for Workstations.

Pwn2Own Berlin 2026: Hackers Expose Critical Zero-Days in Windows 11, Exchange, and Red Hat Linux on Day Two
Source: www.bleepingcomputer.com

These exploits demonstrate severe security gaps in widely used enterprise and consumer platforms. Attackers demonstrated the ability to compromise systems with minimal user interaction.

Expert Reaction

“The pace and sophistication of these exploits underscore the growing arms race in offensive cybersecurity,” said Dr. Elena Voss, a cybersecurity researcher at the Institute for Digital Security. “Each revealed vulnerability is a wake-up call for vendors to patch rapidly.”

Another participant, team lead Rachel Kim from X-Force Labs, commented: “Pwn2Own proves that no software is invincible. Today’s wins show how easily default configurations can be bypassed.”

Background

Pwn2Own is the world’s premier vulnerability exploitation competition, organized by Trend Micro’s Zero Day Initiative. It brings together elite security researchers to demonstrate zero-day attacks on fully patched systems.

Pwn2Own Berlin 2026: Hackers Expose Critical Zero-Days in Windows 11, Exchange, and Red Hat Linux on Day Two
Source: www.bleepingcomputer.com

Winners not only take home cash — they also trigger CVE assignments and responsible disclosure timelines. This year’s Berlin edition is the largest in European history, with over 50 registered contestants.

What This Means

These findings have serious implications for enterprise IT teams. The Windows 11 exploit could allow privilege escalation on millions of corporate desktops; Exchange flaws endanger communications and email data; Red Hat Linux vulnerabilities threaten server farms and cloud infrastructure.

Organizations must immediately prioritize patch management and apply vendor advisories as they become available. The ZDI will coordinate disclosure with each affected company, giving them 120 days to release fixes before full technical details emerge.

For home users, experts recommend enabling automatic updates and avoiding unsolicited file downloads. The zero-days demonstrated here may eventually surface in real-world attacks.

Stay tuned for day three results — and the final prize tally.

See Also

External Resources

How to Build Resilient Enterprise AI Workflows: A Step-by-Step Guide Using Deterministic Control Planes25 Years of Mars Odyssey: 10 Milestones and DiscoveriesMars Helicopter Rotor Testing: The Science Behind Breaking the Speed of SoundMeta’s AI Pre-Compute Engine: Unlocking Tribal Knowledge Across Massive CodebasesUnexpected Power: How a Strixhaven Commander Unlocks a Broken Combo with a Final Fantasy Card