Pwn2Own Berlin 2026 Closes With $1.3 Million in Zero-Day Payouts
Cybersecurity researchers successfully demonstrated 47 unique zero-day exploits at Pwn2Own Berlin 2026, targeting major enterprise software and AI platforms.
Search fresh public links, source activity, and ready-to-use post angles for Pwn2Own.
Fresh curated links around Pwn2Own are collected here so marketers can spot useful updates and turn timely ideas into posts faster.
Recent items include:
Recent curated links from global sources. Generate one free draft from any story, then use SocialBu to schedule and refine your content calendar.
Cybersecurity researchers successfully demonstrated 47 unique zero-day exploits at Pwn2Own Berlin 2026, targeting major enterprise software and AI platforms.
The research community was awarded $1.3m as it found dozens of novel vulnerabilities at Pwn2Own Berlin
At least two vulnerabilities are already under attack
A Bugcrowd researcher has unveiled ExploitBench, an independent benchmark of AI models for vulnerability exploitation
Learn how attackers abuse Entra ID through a free hands-on Capture the Flag. Varonis created the Breach at the Beach CTF to teach defenders how to investigate Entra ID attack techn...
pretalx XSS flaw lets attackers hijack conference organizer accounts, steal sessions, auto-accept talks, and demote admins. Patched in v2026.1.0.
A plethora of pwn-prevention, including a 'Patch The Planet' pledge
Assume the breach. Zero-days keep shipping, AI is writing exploits faster than anyone patches, and "patch everything in time" stopped working years ago. Stop betting the org on win...
Anthropic launched Claude Fable 5 on June 9, 2026, as the first publicly available model in its new Mythos class, its most capable AI to date, excelling in software engineering, kn...
Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concep...
Infosecurity spoke with the researcher who dumped over 30 proof-of-concept exploits without disclosing the vulnerabilities first
OpenAI’s GPT-5.6 Sol Ultra model independently constructed a complete, working exploit chain for Google Chrome, using nothing but publicly available security patch commits as its s...
Akwaaba! gang, another part of my Static Android App Hacking series, today our focus is on exploiting Deep Links to achieve RCE. An easy…Continue reading on OSINT Team »
Six 0-days, three under active exploitation, more to come on July 14?
This was another pretty nice lab I took on involving an exposed content provider that we’re supposed to brute-force for a pin. In the end…Continue reading on Medium В»
Fortunately, they were professional red teamers. Unfortunately, they pwned the network
Experts say it’s a useful post-compromise tool, for those with the brain cells required to put it together
A critical exploit chain dubbed AutoJack that allows a single malicious web page to hijack Microsoft’s AutoGen Studio browsing agent and silently execute arbitrary code on the host...
Stuff broke again. Not in a movie way. An old tool was left exposed. An abandoned package was abused. A deprecated feature was still running in prod. This week is the same lesson...
Security researcher Chaotic Eclipse (aka Nightmare-Eclipse) has released a new proof-of-concept (PoC) exploit called LegacyHive. It has been described as a Windows User Profile Se...
Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote code execution. Steer the agent to load an...
Google paid researcher a tidy $55K bounty for its discovery
米セキュリティ企業のCalifが、米Appleが5年がかりで開発した最先端のセキュリティ対策「MIE」を突破するエクスプロイト(攻撃プログラム)を、わずか5日間で開発したと発表した。利用したのはA...
Fable 5 is the supposed safe version of Anthropic’s Mythos Preview, with guardrails to ensure that it can’t be used to create cyberattacks. Well, that restriction was bypassed with...
Use SocialBu to discover ideas, generate post drafts, and schedule them across your social channels.