Morning Overview

Hackers exploited 39 zero-day vulnerabilities in two days at Pwn2Own Berlin — including Windows 11, Microsoft Edge, and AI platforms

Over two days in late May 2026, security researchers at the Pwn2Own Berlin hacking contest broke through Windows 11, Microsoft Edge, and multiple AI-integrated platforms, demonstrating 39 previously unknown vulnerabilities before a live audience of defenders, vendors, and competitors. Organized by Trend Micro’s Zero Day Initiative (ZDI), the contest awarded hundreds of thousands of dollars in prizes to researchers who proved they could compromise fully patched, production-grade software under strict time limits.

The results landed at a moment when U.S. federal agencies were already sounding alarms about active exploitation of Microsoft products. The overlap between contest-grade attack techniques and real-world threats tracked by the government sharpens the urgency for any organization running unpatched Microsoft software.

What happened at Pwn2Own Berlin

Pwn2Own operates on a simple but high-stakes premise: researchers register to attack specific software targets, and if they succeed, they collect a cash bounty and the vendor gets a detailed report of the flaw. Under ZDI’s coordinated disclosure rules, affected vendors typically have 90 days to develop and ship a patch before technical details go public.

This year’s Berlin edition expanded the target list to include AI and machine learning platforms alongside traditional categories like operating systems, browsers, and enterprise applications. Across two days of competition, participants successfully demonstrated 39 zero-day vulnerabilities, meaning flaws that had no existing patch at the time of exploitation.

Windows 11 fell to multiple exploit chains. Researchers showed they could escalate privileges from a standard user account to full system control, a scenario that mirrors how ransomware operators take over a foothold machine before moving laterally through a corporate network. Microsoft Edge was also compromised, with at least one team chaining a renderer bug with a sandbox escape to achieve code execution outside the browser’s security boundary.

The AI category drew particular attention. Contest organizers included platforms that integrate large language models and machine learning inference engines into enterprise workflows. While ZDI has not yet published a full technical breakdown of every AI-related exploit, the inclusion of these targets signals that the security research community is turning serious attention to the attack surface created by AI adoption in corporate environments.

Federal agencies are already tracking Microsoft exploitation

The Pwn2Own results did not arrive in a vacuum. On August 6, 2025, the Cybersecurity and Infrastructure Security Agency (CISA) published a malware analysis report documenting active exploitation of Microsoft SharePoint vulnerabilities. That report includes analysis artifacts mapping specific flaws to malware samples and attacker behaviors observed in real incidents, not theoretical proof-of-concept code.

Separately, the National Vulnerability Database (NVD), maintained by NIST, carries a formal entry for CVE-2025-53770, which aggregates vendor advisories and severity information into a single tracking point used by enterprise security teams for prioritization and compliance.

Neither the CISA report nor the NVD entry has been directly linked to any specific Pwn2Own Berlin demonstration. The SharePoint flaws documented by CISA and the browser and OS exploits shown at the contest follow different attack paths and affect different defender teams. But the broader pattern is hard to ignore: Microsoft’s product ecosystem is under sustained pressure from both state-sponsored and financially motivated attackers, and the volume of newly disclosed flaws keeps growing.

The gap between discovery and patch

For defenders, the most dangerous period begins now. Under ZDI’s 90-day disclosure timeline, the vendors whose products were compromised in Berlin are working on fixes that have not yet shipped. During that window, the technical details remain confidential, but history shows that sophisticated attackers sometimes reverse-engineer patches or independently discover the same flaws before fixes reach end users.

Previous Pwn2Own cycles illustrate the pattern. Exploits demonstrated at past contests have reliably produced vendor patches, often within weeks, followed by NVD entries and CISA advisories that formalize the risk for compliance and audit purposes. The pipeline from contest to patch to public record is well established. The question is whether patches arrive before attackers weaponize the same techniques.

No public telemetry or incident reports have surfaced showing that the specific Windows 11 or Edge zero-days demonstrated in Berlin are already being used in attacks outside the contest environment. That absence should not be mistaken for safety. The CISA SharePoint report proves that Microsoft product vulnerabilities do migrate from discovery to active exploitation, and the 39 new flaws from Pwn2Own represent fresh material for attackers to study once details begin to trickle out.

What security teams should do now

Organizations running Microsoft SharePoint should treat the CISA malware analysis report as an immediate action item. Cross-referencing that advisory against internal patch status is the most direct step available today. If SharePoint instances remain unpatched against the vulnerabilities described in the report, those systems belong at the top of the remediation queue.

For Windows 11 and Edge, the priority shifts to preparation. Microsoft has not yet released patches tied to the Pwn2Own Berlin findings, but security teams should expect a wave of updates in the coming weeks. Setting up automated ingestion of CISA advisories and NVD updates into vulnerability management workflows can reduce the lag between public disclosure and local action.
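The cross-referencing step described above (CISA advisory against internal patch status, with NVD severity folded in) as an added example, not code from the article or from ZDI, CISA or NIST. It assumes the NVD API 2.0 and CISA KEV JSON field names; the score, due date, and host inventory are constructed placeholders, not the real records for CVE-2025-53770.

```python
import json
from datetime import date

# Live sources a production job would poll (the example stays offline on the samples below):
#   NVD API 2.0: https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=<id>
#   CISA KEV:    https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json

# Constructed NVD-shaped record for the CVE the article cites; the score is a placeholder.
NVD_SAMPLE = json.dumps({"vulnerabilities": [{"cve": {
    "id": "CVE-2025-53770",
    "metrics": {"cvssMetricV31": [{"cvssData": {"baseScore": 9.8, "baseSeverity": "CRITICAL"}}]},
}}]})

# Constructed KEV-shaped entry (cveID/product/dueDate are the feed's field names; values are placeholders).
KEV_SAMPLE = json.dumps({"vulnerabilities": [
    {"cveID": "CVE-2025-53770", "product": "SharePoint", "dueDate": "2025-08-20"},
]})

# Constructed internal inventory: which advisory CVEs each host has already been patched against.
INVENTORY = [
    {"host": "sp-web-01", "product": "SharePoint", "patched": []},
    {"host": "sp-web-02", "product": "SharePoint", "patched": ["CVE-2025-53770"]},
    {"host": "file-01", "product": "Windows Server", "patched": []},
]

def parse_nvd(raw):
    """Map CVE id -> (CVSS v3.1 base score, severity); records without metrics are UNSCORED."""
    out = {}
    for item in json.loads(raw)["vulnerabilities"]:
        cve = item["cve"]
        v31 = cve.get("metrics", {}).get("cvssMetricV31", [])
        data = v31[0]["cvssData"] if v31 else {}
        out[cve["id"]] = (data.get("baseScore", 0.0), data.get("baseSeverity", "UNSCORED"))
    return out

def parse_kev(raw):
    """Map CVE id -> (affected product, remediation due date) from the KEV feed."""
    return {v["cveID"]: (v["product"], date.fromisoformat(v["dueDate"]))
            for v in json.loads(raw)["vulnerabilities"]}

def prioritize(nvd, kev, inventory, today):
    """Return unpatched (host, CVE) findings sorted by score, then by how far past the KEV due date."""
    findings = []
    for cve_id, (product, due) in kev.items():
        score, severity = nvd.get(cve_id, (0.0, "UNSCORED"))
        for h in inventory:
            if h["product"] == product and cve_id not in h["patched"]:
                findings.append({"host": h["host"], "cve": cve_id, "score": score,
                                 "severity": severity, "days_past_due": (today - due).days})
    return sorted(findings, key=lambda f: (-f["score"], -f["days_past_due"]))
```

Feeding real NVD and KEV downloads into `parse_nvd` and `parse_kev` in place of the samples turns this into the automated ingestion the text recommends, with the output list serving as the remediation queue.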

The AI platform exploits add a newer dimension. Many organizations have deployed AI-integrated tools without fully mapping the security implications, and the Pwn2Own results suggest that researchers are finding exploitable weaknesses in those integrations. Security teams should inventory any AI or machine learning platforms in their environment and confirm whether those vendors participate in coordinated disclosure programs that would surface contest-related patches.

The window keeps shrinking

Pwn2Own Berlin put 39 zero-days on the board in 48 hours. Federal agencies are already documenting real-world exploitation of Microsoft products. The distance between a vulnerability’s discovery, its documentation by authorities, and its weaponization by attackers continues to narrow. For defenders, the lesson is not new, but the evidence backing it is fresh: disciplined patching and continuous monitoring are the only reliable ways to keep that shrinking window from becoming an open door.


*This article was researched with the help of AI, with human editors creating the final content.