Pwn2Own Berlin Day 2: Microsoft Exchange Hit with $200K Zero-Day Exploit

Pwn2Own Berlin 2026 showcases dramatic hacks on enterprise software and AI tools, with $385,750 in bounties added and major vulnerabilities exposed.

By Content Team

May 16, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Day two of Pwn2Own Berlin 2026 saw hackers unleash devastating attacks on enterprise software and AI tools, adding $385,750 in bug bounties to bring the total to $908,750.

Orange Tsai from DEVCORE stole the show with a brutal Microsoft Exchange exploit, chaining three vulnerabilities to achieve remote code execution with SYSTEM privileges. The attack earned $200,000 and highlights Exchange's role as a critical enterprise target.

Security researchers also compromised Windows 11 through an integer overflow bug and hit multiple AI coding platforms including Cursor IDE and OpenAI Codex. These AI tools are becoming prime targets due to their access to source code and developer workflows.

DEVCORE leads the competition with $405,000 in winnings, but the final day promises more zero-day discoveries as vendors scramble to patch newly exposed vulnerabilities.

Source: Cyber Security News

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

European Commission Hit by Major Data Breach Through Supply Chain Attack

Apr 5, 2026

Hackers Threaten Rockstar Games Over Grand Theft Auto VI Data Breach

Apr 14, 2026

Massive GitHub Campaign Spreads Trojan Through 300+ Fake AI Tool Packages

Mar 25, 2026

Hackers Poison Trivy Scanner Tags to Steal Credentials from 10,000+ CI/CD Pipelines

Mar 22, 2026