Pwn2Own Berlin 2026 is rapidly escalating into one of the most intense offensive security contests in recent years, with Day Two delivering a fresh wave of critical zero-day exploits targeting enterprise software, AI tools, and operating systems. <\/p>\n
Security researchers demonstrated real-world attack scenarios against high-value targets, including Microsoft Exchange<\/a>, Windows 11<\/a>, and AI coding platforms, highlighting the growing attack surface in modern environments.<\/p>\n Following a strong opening day<\/a>, the second day added\u00a0$385,750 in rewards for 15 new zero-day vulnerabilities, pushing the total to\u00a0$908,750 and 39 unique bugs\u00a0discovered so far. DEVCORE continues to dominate the leaderboard, largely due to a high-impact Microsoft Exchange compromise.<\/p>\n The most significant exploit of the day came from\u00a0Orange Tsai of DEVCORE, who chained three vulnerabilities to achieve\u00a0remote code execution (RCE) with SYSTEM privileges on Microsoft Exchange, as reported by Zero Day Initiative<\/a>. <\/p>\n This full-chain attack earned\u00a0$200,000 and 20 Master of Pwn points, making it the highest-value exploit of the event so far.<\/p>\n This type of attack is particularly dangerous because Exchange servers often sit at the core of enterprise communication. A successful RCE allows attackers to control email infrastructure fully, potentially enabling espionage, lateral movement, and data exfiltration.<\/p>\n For example, in a real-world scenario, an attacker exploiting Exchange could silently access internal emails, deploy malware, or impersonate executives in phishing campaigns.<\/p>\n Operating systems were also heavily targeted.\u00a0Siyeon Wi successfully exploited an integer overflow vulnerability in Windows 11, gaining elevated privileges and earning\u00a0$7,500. <\/p>\n While smaller in payout, such bugs are critical because they can turn limited access into full system control.<\/p>\n On the Linux side,\u00a0Ben Koo of Team DDOS exploited a use-after-free flaw\u00a0to escalate privileges on Red Hat Enterprise Linux, reinforcing the fact that memory safety issues continue to plague core systems.<\/p>\n AI and developer-focused tools emerged as major targets this year. Notably:<\/p>\n These findings underline a key trend: AI-powered development tools are becoming high-value targets due to their access to source code and developer workflows.<\/p>\n Not all attempts were successful. Exploits targeting\u00a0Apple Safari, Microsoft SharePoint<\/a>, and Mozilla Firefox<\/a>\u00a0failed during execution, showing the increasing difficulty of reliable exploitation even when vulnerabilities are known.<\/p>\n Meanwhile, several entries resulted in \u201ccollision\u201d outcomes, where researchers demonstrated valid exploits using previously discovered bugs. While still rewarded, these highlight overlapping research efforts within the security community.<\/p>\n With one day remaining, DEVCORE leads with\u00a040.5 points and $405,000, but the race for \u201cMaster of Pwn\u201d is still open. As more zero-days are expected, vendors, including Microsoft, Red Hat, and AI platform providers, will race to patch newly exposed vulnerabilities.<\/p>\n Pwn2Own Berlin continues to demonstrate how quickly attackers can chain multiple bugs into devastating exploits, offering defenders a critical early warning of what could soon appear in the wild.<\/p>\n Follow us on\u00a0Google News<\/a>,\u00a0LinkedIn<\/a>,\u00a0and\u00a0X<\/a>\u00a0to Get More Instant Updates.<\/strong><\/p>\n The post Microsoft Exchange, Windows 11, and Cursor Zero-Days Exploited on Pwn2Own Day 2<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\nMicrosoft Exchange RCE Steals the Spotlight<\/strong><\/h2>\n
![\"Microsoft](\"https:\/\/i0.wp.com\/cybersecuritynews.com\/wp-content\/uploads\/2026\/05\/Image36.webp?resize=800%2C600&ssl=1\")
Windows 11 and Linux Privilege Escalations<\/strong><\/h2>\n
![\"Windows](\"https:\/\/i0.wp.com\/cybersecuritynews.com\/wp-content\/uploads\/2026\/05\/Image2-1024x768.webp?resize=1024%2C768&ssl=1\")
![\"Linux](\"https:\/\/i0.wp.com\/cybersecuritynews.com\/wp-content\/uploads\/2026\/05\/Media-1-1024x771.webp?resize=1024%2C771&ssl=1\")
\n