CRITICALZero Day
Global

Security Researchers Find 47 Zero-Days at Pwn2Own Berlin

·Source: Infosecurity Magazine

Updated:

Executive Summary

The research community was awarded $1.3m as it found dozens of novel vulnerabilities at Pwn2Own Berlin

Analysis

The research community was awarded $1.3m as it found dozens of novel vulnerabilities at Pwn2Own Berlin
Source Attribution

Originally published by Infosecurity Magazine on May 18, 2026.

Related Threats

MEDIUMZero Day

⚡ Weekly Recap: Exchange 0-Day, npm Worm, Fake AI Repo, Cisco Exploit and More

Monday opens with a trust problem. A mail server flaw is under active use. A network control system was targeted. Trusted packages were poisoned. A fake model page pushed a stealer. Then came the familiar ransom claim: the data was returned and deleted. The pattern is clear. One weak dependency can leak keys. One leaked key can open cloud access. One cloud foothold can become a production

The Hacker News
CRITICALZero Day

‘Patched’ Windows bug resurfaces 6 years later as working SYSTEM-level exploit

An old elevation-of-privilege (EoV) vulnerability affecting the Cloud Filter driver “cldflt.sys” in Windows has come back to haunt Microsoft, as researchers claim it is still exploitable six years after it was supposedly patched. The flaw, originally reported to Microsoft by Google Project Zero researcher James Forshaw in September 2020, was recently picked up by Nightmare Eclipse , a researcher o

CVE-2020-17103CVE-2026-33825
CSO Online
CRITICALZero Day

Zero-Day Exploit Against Windows BitLocker

It’s nasty , but it requires physical access to the computer: The exploit, named YellowKey, was published earlier this week by a researcher who goes by the alias Nightmare-Eclipse. It reliably bypasses default Windows 11 deployments of BitLocker, the full-volume encryption protection Microsoft provides to make disk contents off-limits to anyone without the decryption key, which is stored in

Schneier on Security