[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fL_AuSqUE_B3YsonrY9D0FyQJlONPjaWvgcjE2hSvNVA":3},{"article":4,"iocs":54},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":33,"category":34,"article_tags":38},"4d7103ff-4fe3-4514-ba46-3e428ac493cb","Pwn2Own Berlin 2026 Hits Capacity as Rejected Hackers Release 0-Days","pwn2own-berlin-2026-hits-capacity-as-rejected-hackers-release-0-days-09b58a","Pwn2Own Berlin 2026 reportedly reached full capacity for the first time, prompting rejected researchers to publicly disclose zero-day exploits targeting Firefox, NVIDIA, and AI platforms.","Pwn2Own Berlin 2026 reached capacity for the first time in 19 years, forcing organizers to close registration early on May 7. Dozens of rejected researchers responded by publicly disclosing zero-day exploits targeting Firefox, NVIDIA, Docker, Linux KVM, PyTorch, Oracle Autonomous AI Database, and AI coding tools like Claude Code and GitHub Copilot. This \"revenge disclosure\" wave threatens the contest's integrity and could render accepted competitors' exploits worthless if vendors patch vulnerabilities before the May 14 event.","Rejected Pwn2Own Berlin 2026 researchers publicly disclose zero-days for Firefox, NVIDIA, and AI platforms.","SecurityPwn2Own Berlin 2026 Hits Capacity as Rejected Hackers Release 0-Days Pwn2Own Berlin 2026 reportedly reached full capacity for the first time, prompting rejected researchers to publicly disclose zero-day exploits targeting Firefox, NVIDIA, and AI platforms. byDeeba AhmedMay 12, 20262 minute read The world’s most famous hacking contest is facing a crisis it didn’t see coming. For the first time in 19 years, Pwn2Own Berlin 2026 has reportedly run out of space. The event, run by Trend Micro’s Zero Day Initiative (ZDI), hit a hard limit on how many hackers it can actually host. For your information, Pwn2Own is a live competition where experts detect zero-day vulnerabilities. What’s Happening with Pwn2Own Berlin? This 3-day contest officially starts on 14 May 2026 at OffensiveCon. However, the real action is all happening behind the stage as ZDI staff had to close the event’s registration early on 7 May because they simply couldn’t handle any more entries. The reason is that the contest has a fixed schedule because every exploit chain must be tested live. This process involves a team of ZDI staff who check the research, set up the exact hardware, and watch the attack happen on stage. And that’s why they can only handle a certain number of attempts. One of the dejected experts, Ryotkak, spent three weeks trying to sign up, only to be told the event was at maximum capacity. This bottleneck is happening because hackers are finding security flaws faster than the company can process them. Much of this speed comes from new Artificial Intelligence (AI) categories. This year, hackers are targeting tools like Claude Code, GitHub Copilot, Cursor, Ollama, and LM Studio. A report from Palisade Research suggests that AI is now helping these researchers build exploit chains at a speed that traditional contests can’t match. International Cyber Digest @IntCyberDigest on X, revealing details about the reported incident Researchers Go Public with Findings Because they were rejected, dozens of researchers are now releasing their secrets for free. This is being called a “revenge disclosure” wave. The group xchglabs had 86 vulnerabilities ready for systems like NVIDIA, Docker, Linux KVM, and PyTorch. Since they can’t compete for the $1,000,000 prize pool, they are sending their findings straight to the companies and posting the details online. Another researcher, ggwhyp, showed off a way to take over Firefox on Windows by making it open a calculator app. FuzzingLabs also had a way to break into an Oracle Autonomous AI Database that will now be shared outside the contest. This is bad news for the hackers who actually got a spot in Berlin because if a rejected researcher reports a bug today, companies like Mozilla or Anthropic might fix it immediately with a silent patch. If a company fixes the software before the contest starts, the hacker’s work becomes a collision or an n-day, which means it isn’t a secret anymore. In this case, the effort of those lucky contestants who made it to the stage might already be useless, and unfortunately, they won’t receive any reward. What’s even worse is that the secrecy and hype that usually surrounds Pwn2Own is gone, and the event hasn’t even started yet. Deeba Ahmed Deeba is a veteran cybersecurity reporter at Hackread.com with over a decade of experience covering cybercrime, vulnerabilities, and security events. Her expertise and in-depth analysis make her a key contributor to the platform’s trusted coverage. View Posts 0dayAIArtificial IntelligenceCybersecurityPwn2Owntrend microVulnerabilityZDI Leave a Reply Cancel reply View Comments (0) Related Posts Read More Phishing Scam Security Phishing Scam Uses Clean Emails and PDFs to Steal Dropbox Logins A multi-stage phishing campaign is targeting business users by exploiting Vercel cloud storage, PDF attachments, and Telegram bots to steal Dropbox credentials. byDeeba Ahmed Read More Cyber Crime Security Operation PowerOFF: 75K Users of DDoS-for-Hire Services Identified and Warned Operation PowerOFF identifies and warns 75K users of DDoS-for-hire services, nets 4 arrests, and seizes 53 domains in a Europol-led crackdown. byDeeba Ahmed Read More News Security Technology Crit.IX: Flaws in Honeywell Experion DCS, Posing Risk to Critical Industries There is no evidence of exploitation of these vulnerabilities as yet. byDeeba Ahmed Read More Security Microsoft Microsoft’s November Patch Tuesday Fixes 91 Vulnerabilities, 4 Zero-Days Microsoft’s November 2024 Patch Tuesday update fixes 91 security vulnerabilities, including four zero-day vulnerabilities. Critical fixes address actively… byWaqas","https:\u002F\u002Fhackread.com\u002Fpwn2own-berlin-2026-hits-capacity-hackers-0-days\u002F","https:\u002F\u002Fhackread.com\u002Fwp-content\u002Fuploads\u002F2026\u002F05\u002Fpwn2own-berlin-2026-hits-capacity-hackers-0-days.jpg","2026-05-12T16:41:26+00:00","2026-05-12T18:00:29.070045+00:00",8,[18,21,24,26,28,31],{"name":19,"type":20},"Pwn2Own Berlin 2026","campaign",{"name":22,"type":23},"Trend Micro","vendor",{"name":25,"type":23},"Mozilla",{"name":27,"type":23},"NVIDIA",{"name":29,"type":30},"Firefox","product",{"name":32,"type":30},"Claude Code","574f766a-fb3f-487c-8d2c-0720ae75471b",{"id":33,"icon":35,"name":36,"slug":37},null,"Zero-day","zero-day",[39,44,49],{"category":40},{"id":41,"icon":35,"name":42,"slug":43},"80544778-fabb-4dcd-aa35-17492e5dcf4f","Vulnerabilities","vulnerabilities",{"category":45},{"id":46,"icon":35,"name":47,"slug":48},"839da5c1-3c34-47e2-9499-f7201640e3ac","AI Security","ai-security",{"category":50},{"id":51,"icon":35,"name":52,"slug":53},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[55,59,62],{"type":56,"value":57,"context":58},"malware","xchglabs","Researcher group disclosing 86 vulnerabilities in NVIDIA, Docker, Linux KVM, PyTorch",{"type":56,"value":60,"context":61},"ggwhyp","Researcher who disclosed Firefox Windows privilege escalation via calculator app",{"type":56,"value":63,"context":64},"FuzzingLabs","Researcher who disclosed Oracle Autonomous AI Database breakout exploit"]