The Pwn2Own Berlin 2026 competition closed with a clear reminder for security leaders: even fully patched products can be compromised through chains of bugs and sophisticated techniques. Over three days of competition held alongside the OffensiveCon conference, researchers earned a total of $1,298,250 for exploiting 47 zero-day vulnerabilities, affecting everything from browsers and operating systems to container environments, virtualization and AI agents.
The event was not just an awards show: it exposed operational and technical trends that every organization should fold into its risk assessment. Contestants were looking for bug chains that yield remote code execution or privilege escalation on products such as Microsoft Exchange, Microsoft Edge, Windows 11, Red Hat Enterprise Linux for Workstations and VMware ESXi, and also targeted container toolkits and local AI inference agents. The DEVCORE team took the largest share of the prize money and the Master of Pwn title after demonstrating critical bugs in Exchange and Edge, including a remote code execution with SYSTEM privileges that earned $200,000.

That these attacks were demonstrated against patched software underlines two realities: on the one hand, attackers (or researchers) combine vectors that individually look benign; on the other, modern environments, meaning containers, virtual machines and local AI agents, add new attack surfaces whose mitigations are often immature. The competition's organizer, the Zero Day Initiative (ZDI), applies a disclosure policy that gives vendors 90 days to fix a flaw before details are published, which creates a window of responsibility and planning for administrators and manufacturers (ZDI summary).
What does this mean for those who run infrastructure? First, prioritize external exposure: services with a public or administrative interface, such as mail, browsers used by highly privileged staff, hypervisors and container management panels, should receive immediate attention in patching and hardening cycles. Second, accept that a patch may not arrive until late in the 90-day window; compensating controls should therefore be applied in the meantime: network segmentation, backup policies for critical services, WAF/IPS rules and restrictions on access to management interfaces.
It is also essential to modernize detection and response: deploy EDR and telemetry able to detect exploitation of memory-safety bugs or lateral movement, run threat-hunting exercises driven by indicators of compromise, and simulate attack chains in controlled environments. For infrastructure that runs AI models and local agents, audit the data flows, limit the privileges of the inference process and isolate model containers so that a vulnerability in the inference chain, if exploited, has a reduced blast radius.
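As an added illustration (this is not code from the article, from ZDI or from any Pwn2Own entry), the following docker-compose fragment shows one way to apply the advice above on limiting the privileges of an inference process and isolating model containers. The image names, paths, network names and resource limits are placeholders to be replaced with your own; the hardening settings themselves are standard Compose/Docker options.

```yaml
# Added example: a local inference service and the agent that calls it, with
# the model container unprivileged and cut off from the outside network.
# All names, images and paths below are assumptions, not the article's.
services:
  model:
    image: registry.example.invalid/local-llm:placeholder  # assumed image
    user: "10001:10001"            # unprivileged UID/GID, never root
    read_only: true                # immutable root filesystem
    tmpfs:
      - /tmp:size=256m,noexec      # scratch space without executable mappings
    cap_drop:
      - ALL                        # drop every Linux capability
    security_opt:
      - no-new-privileges:true     # setuid/setcap cannot raise privileges
    pids_limit: 256                # cap fork bombs / runaway workers
    mem_limit: 8g                  # placeholder; size for the model in use
    volumes:
      - ./models:/models:ro        # weights mounted read-only
    networks:
      - model_net                  # only reachable from the agent, below
    # Deliberately no "ports:" entry and no "privileged: true": the model is
    # never exposed on the host and cannot escape its namespace via privileges.

  agent:
    image: registry.example.invalid/local-agent:placeholder  # assumed image
    user: "10002:10002"
    read_only: true
    cap_drop:
      - ALL
    security_opt:
      - no-new-privileges:true
    environment:
      MODEL_URL: "http://model:8080"  # assumed in-container listener
    networks:
      - model_net                  # talks to the model...
      - default                    # ...and to the user-facing side only
    ports:
      - "127.0.0.1:9090:9090"      # bound to loopback, not 0.0.0.0

networks:
  model_net:
    internal: true                 # no route to the host network or internet
```

The key design choice is that the model container sits on an `internal` network with no published ports, so even a successful exploit of the inference process lands in a read-only, capability-less container that cannot reach anything except the agent that talks to it; egress filtering for the agent itself is left to the host firewall.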

For product and incident response teams, Pwn2Own is also a reminder of how effective a structured relationship between the research community and manufacturers can be: well-designed rewards encourage responsible disclosure and allow flaws to be fixed before they become public. Organizations should closely follow ZDI advisories and vendor bulletins, and use the coordination channels available to receive interim mitigations and controlled proofs of concept.
Finally, from a governance and risk perspective, it is time to rethink the testing strategy: traditional automated tests are useful but not sufficient against multi-surface chains. Validating detection controls, cloud configuration hardening and operational responses requires exercises that combine manual penetration-testing techniques with continuous validation of controls; resources such as pentesting validation guides can help close that gap.
In short, Pwn2Own Berlin 2026 once again made it clear that modern security requires a combination of targeted patches, compensating controls, advanced telemetry and coordination with the vulnerability research community. Monitoring official disclosures and adjusting the defensive posture accordingly is, today more than ever, an operational priority for reducing the exposure window and the impact on the organization.