Latest updates for Pwn2Own

Fresh curated links around Pwn2Own are collected here so marketers can spot useful updates and turn timely ideas into posts faster.

Recent items include:

  • Pwn2Own Berlin 2026 Closes With $1.3 Million in Zero-Day Payouts
  • Security Researchers Find 47 Zero-Days at Pwn2Own Berlin
  • Anonymous researcher drops 0-day 'exploitarium' repo

Post angles to try

Share the most useful takeaway for your audience.
Turn one article into a quick practical checklist.
Ask your audience how this shift affects their work.
Turn angles into scheduled posts

Fresh articles and ideas

Recent curated links from global sources. Generate one free draft from any story, then use SocialBu to schedule and refine your content calendar.

hackread.com /1 month ago

Pwn2Own Berlin 2026 Closes With $1.3 Million in Zero-Day Payouts

Cybersecurity researchers successfully demonstrated 47 unique zero-day exploits at Pwn2Own Berlin 2026, targeting major enterprise software and AI platforms.

Read source
infosecurity-magazine.com /1 month ago

Security Researchers Find 47 Zero-Days at Pwn2Own Berlin

The research community was awarded $1.3m as it found dozens of novel vulnerabilities at Pwn2Own Berlin

Read source
theregister.com /2 weeks ago

Anonymous researcher drops 0-day 'exploitarium' repo

At least two vulnerabilities are already under attack

Read source
infosecurity-magazine.com /1 month ago

Infosecurity Europe: Mythos Outperforms GPT5.5 on Google Chrome Vulnerability Exploits, Says New Benchmark

A Bugcrowd researcher has unveiled ExploitBench, an independent benchmark of AI models for vulnerability exploitation

Read source
bleepingcomputer.com /3 days ago

Breach at the Beach: Play the Ultimate Entra ID CTF

Learn how attackers abuse Entra ID through a free hands-on Capture the Flag. Varonis created the Breach at the Beach CTF to teach defenders how to investigate Entra ID attack techn...

Read source
hackread.com /1 month ago

Zero-Click pretalx XSS Flaw Lets Hackers Hijack Conference Organizer Accounts

pretalx XSS flaw lets attackers hijack conference organizer accounts, steal sessions, auto-accept talks, and demote admins. Patched in v2026.1.0.

Read source
theregister.com /3 weeks ago

OpenAI: Yoo-hoo, look over here, we do that security stuff too!

A plethora of pwn-prevention, including a 'Patch The Planet' pledge

Read source
thehackernews.com /1 month ago

Beyond the Zero-Day: See Your Network Like an Attacker | Webinar with HD Moore

Assume the breach. Zero-days keep shipping, AI is writing exploits faster than anyone patches, and "patch everything in time" stopped working years ago. Stop betting the org on win...

Read source
cybersecuritynews.com /1 month ago

Anthropic’s Claude Fable 5 Jailbroken to Generate Stack Exploits

Anthropic launched Claude Fable 5 on June 9, 2026, as the first publicly available model in its new Mythos class, its most capable AI to date, excelling in software engineering, kn...

Read source
thehackernews.com /2 weeks ago

New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos

Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concep...

Read source
infosecurity-magazine.com /2 weeks ago

Researcher Behind 'Exploitarium' Explains Release of Undisclosed Zero-Day Exploits

Infosecurity spoke with the researcher who dumped over 30 proof-of-concept exploits without disclosing the vulnerabilities first

Read source
cybersecuritynews.com /21 hours ago

GPT-5.6 Sol Ultra Builds Full Chrome Exploit Chain From Security Patches

OpenAI’s GPT-5.6 Sol Ultra model independently constructed a complete, working exploit chain for Google Chrome, using nothing but publicly available security patch commits as its s...

Read source
osintteam.blog /2 weeks ago

From Deep Link to Shell: Easy $3000 Android Crits.

Akwaaba! gang, another part of my Static Android App Hacking series, today our focus is on exploiting Deep Links to achieve RCE. An easy…Continue reading on OSINT Team »

Read source
theregister.com /1 month ago

Disgruntled 0-day hunter 'humiliated' by Microsoft pledges 'bone shattering drop' as Redmond calls cops

Six 0-days, three under active exploitation, more to come on July 14?

Read source
medium.com /4 weeks ago

MobileHackingLabs — Secure Notes writeup

This was another pretty nice lab I took on involving an exposed content provider that we’re supposed to brute-force for a pin. In the end…Continue reading on Medium В»

Read source
theregister.com /2 weeks ago

Hackers shoveled snow for company, were rewarded with network admin access

Fortunately, they were professional red teamers. Unfortunately, they pwned the network

Read source
theregister.com /1 day ago

LegacyHive: 'Bone-shattering' zero-day from Microsoft's serial tormentor not the haymaker that was promised

Experts say it’s a useful post-compromise tool, for those with the brain cells required to put it together

Read source
gbhackers.com /3 weeks ago

AutoJack Exploit Chain Hits Microsoft AutoGen Studio With Zero-Click RCE Attack

A critical exploit chain dubbed AutoJack that allows a single malicious web page to hijack Microsoft’s AutoGen Studio browsing agent and silently execute arbitrary code on the host...

Read source
thehackernews.com /1 month ago

âš¡ Weekly Recap: Chrome 0-Day, UniFi Exploits, macOS Stealers, VPN Flaw and More

Stuff broke again. Not in a movie way. An old tool was left exposed. An abandoned package was abused. A deprecated feature was still running in prod. This week is the same lesson...

Read source
thehackernews.com /1 day ago

Researcher Drops New Windows Zero-Day PoC Hours After Microsoft Patch Tuesday

Security researcher Chaotic Eclipse (aka Nightmare-Eclipse) has released a new proof-of-concept (PoC) exploit called LegacyHive. It has been described as a Windows User Profile Se...

Read source
thehackernews.com /3 weeks ago

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote code execution. Steer the agent to load an...

Read source
theregister.com /1 month ago

Chrome's zero-day Whac-A-Mole continues with fifth exploited bug of the year

Google paid researcher a tidy $55K bounty for its discovery

Read source
itmedia.co.jp /1 month ago

Appleが5年がかりで開発したセキュリティ対策を5日で突破 「Mythos」が見せつけた脆弱性攻撃の威力

米セキュリティ企業のCalifが、米Appleが5年がかりで開発した最先端のセキュリティ対策「MIE」を突破するエクスプロイト(攻撃プログラム)を、わずか5日間で開発したと発表した。利用したのはA...

Read source
schneier.com /3 weeks ago

Anthropic’s Fable 5 Model Jailbroken Within Days

Fable 5 is the supposed safe version of Anthropic’s Mythos Preview, with guardrails to ensure that it can’t be used to create cyberattacks. Well, that restriction was bypassed with...

Read source

Turn fresh research into a full content calendar

Use SocialBu to discover ideas, generate post drafts, and schedule them across your social channels.

Sources covering Pwn2Own

cybersecuritynews.com

Recent coverage from public sources
Public source

feeds.feedburner.com

Recent coverage from public sources
Public source

gbhackers.com

Recent coverage from public sources
Public source

medium.com

Recent coverage from public sources
Public source

rss.itmedia.co.jp

Recent coverage from public sources
Public source

bleepingcomputer.com

Recent coverage from public sources
Public source