Hackers Win Big at Pwn2Own Berlin 2026 with $1.3 Million Prize
Pwn2Own Contest Awards $1.3 Million to Top Researchers
The annual Pwn2Own contest, organized by Trend Micro’s Zero Day Initiative (ZDI), has concluded in Berlin, with white-hat hackers securing a combined total of nearly $1.3 million for discovering novel vulnerabilities across various platforms.
Top Teams Earn Significant Prizes
- Devcore: Secured three separate vulnerabilities targeting Microsoft Exchange, Microsoft Edge, and Microsoft SharePoint, earning a total of $475,000. Their exploit chain included:
- $200,000 for a remote code execution exploit with system privileges on Microsoft Exchange
- $175,000 for a sandbox escape on Microsoft Edge
- $100,000 for exploiting Microsoft SharePoint
- StarLabs SG: Took home a similar prize with a VMware ESX exploit that included a cross-tenant code execution add-on, securing $200,000
- LiteLLM, OpenAI Codex, and LM Studio: Participants earned $40,000 apiece for hacking these AI products
- Cursor Exploits and Ollama Exploit: Smaller rewards were awarded to participants who successfully exploited these targets
According to the organizers, the contest underscored the importance of continued innovation in the field of cybersecurity research and development, as well as the need for collaboration among experts to identify and address emerging threats.— Pwn2Own Contest Organizers
Other notable teams, including Out Of Bounds, earned a total of $95,750 for their efforts, while some teams failed to succeed in their attempts to discover vulnerabilities targeting Oracle Autonomous AI Database, NV Container Toolkit, OpenAI Codex, Safari, SharePoint, Red Hat Enterprise Linux for Workstations, Firefox, and VMware ESX.
About Author
English