Pwn2Own Berlin 2026 concluded with $1.3 million in prize money and 47 zero-day vulnerabilities discovered, with Team DEVCORE winning $505,000 and Orange Tsai receiving the highest individual reward of $200,000 for a Microsoft Exchange exploitation.
A working exploit now exists for the Linux vulnerability DirtyDecrypt (CVE-2026-31635), primarily affecting distributions like Fedora, Arch Linux, and openSUSE Tumbleweed; users should install kernel updates.
Four malicious npm packages from the same attacker distribute different malware: a DDoS botnet and infostealers, with one package cloning the newly published Shai-Hulud worm; users should immediately remove affected packages and reset their security credentials.
AI tools such as phishing-as-a-service and chatbots enable novices to commit fraud at scale, while organized crime groups can outsource technical aspects through them.
Fast16 malware was a pre-Stuxnet sabotage tool for manipulating nuclear weapons simulations, using 101 precise manipulation rules to sabotage high explosive simulations in LS-DYNA and AUTODYN, possibly developed from 2005 by the NSA-linked Equation Group.
A Windows vulnerability known since 2020 (MiniPlasma) remains unpatched and allows SYSTEM privileges on current Windows systems, suggesting Microsoft either never fully fixed the issue or rolled back the patch.
Microsoft is restructuring the Windows print system by shifting core components from a driver-centric model to a protocol-based architecture, with native support for Mopria-compatible devices through the Microsoft IPP Class Driver since Windows 10 21H2.
The current IoT landscape is about survival of the fittest; IT teams must navigate LTE migration to 5G and harness AI as both opportunity and threat to remain competitive.
The Government Digital Service indirectly criticizes the NHS decision to block open-source code following security vulnerabilities, arguing that openness should be standard practice rather than the exception.
Google launches Gemini Embedding 2, the first multimodal embedding model that connects text, images, videos, audio and documents in a unified space, supporting over 100 languages and enabling agent-based RAG applications and visual search.