top of page
ALL POSTS
Pwn2Own Berlin 2026 Day One: $523,000 Paid Out as AI Products Fall
Key Findings Day one of Pwn2Own Berlin 2026 resulted in 24 zero-day vulnerabilities demonstrated across 22 entries, with researchers earning $523,000 in total rewards Orange Tsai of DEVCORE Research Team dominated the leaderboard with a $175,000 Microsoft Edge sandbox escape using four chained logic bugs Windows 11 was successfully exploited three times by different researchers, each demonstrating distinct privilege-escalation vulnerabilities on fully patched systems AI platf
May 153 min read
ThreatsDay Bulletin: Edge Plaintext Password Exposure, Critical ICS 0-Days, Urgent Patch Alerts and 25+ Breaking Security Stories
Key Findings Microsoft Edge stores saved passwords in plaintext in memory on startup, accessible to any process with administrative privileges MicroStealer malware targeting education and telecom sectors spreads via multi-stage delivery chains and exfiltrates data through Discord FTC settlement with Kochava blocks sale of location data including income, device IDs, and real-time geolocation without explicit consent pnpm 11 implements 24-hour minimum release age for packages t
May 75 min read
bottom of page
