Microsoft Exchange, Windows 11 hacked on second day of Pwn2Own
Summary
During the second day of Pwn2Own Berlin 2026, contestants successfully exploited 15 unique zero-day vulnerabilities in various software, including Windows 11, Microsoft Exchange, and Red Hat Enterprise Linux. These exploits resulted in the awarding of $385,750 in cash prizes to the researchers.
IFF Assessment
The discovery and exploitation of zero-day vulnerabilities in widely used software represents a significant threat to defenders, as these flaws can be used by attackers before patches are available.
Defender Context
This event highlights the ongoing discovery of critical zero-day vulnerabilities in popular operating systems and applications, emphasizing the need for robust endpoint detection and response (EDR) and timely patching strategies. Defenders should be prepared for potential exploitation of newly disclosed flaws even before official patches are released.