CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Vulnerabilities

Microsoft Offers $5 Million at Zero Day Quest Hacking Contest

Research demonstrating high-impact cloud and AI security flaws will be rewarded at Microsoft’s Zero Day Quest competition in spring 2026. The post Microsoft Offers $5 Million at Zero Day Quest Hacking Contest appeared first on SecurityWeek.

Microsoft Patch Tuesday

Microsoft is offering up to $5 million to security researchers participating at the Zero Day Quest hacking competition, set to take place in spring 2026.

Zero Day Quest 2026 will be the second installment of the live hacking competition, after the tech giant paid out $1.6 million for vulnerability research as part of this year’s event.

Between August 4 and October 4, 2025, Microsoft is accepting submissions for vulnerabilities in Microsoft Azure, Copilot, Dynamics 365 and Power Platform, Identity, and M365, as part of the Zero Day Quest Research Challenge.

Critical-severity vulnerabilities and high-impact scenarios uncovered during the challenge are eligible for a +50% bounty multiplier, the tech giant announced.

Participating researchers will have the chance to qualify for the invite-only live hacking event, which will be held at Microsoft’s Redmond campus in spring 2026.

“This event will bring together the world’s leading security researchers — those who have demonstrated exceptional impact through their research — to collaborate directly with Microsoft product teams and the Microsoft Security Response Center (MSRC),” the company says.

Microsoft is also offering training sessions from the AI Red Team, MSRC, and Dynamics teams to all Zero Day Quest participants, and encourages them to share details on their findings publicly once the identified issues have been patched.

“As part of our Secure Future Initiative (SFI), we will transparently share critical vulnerabilities through the CVE program, even if no customer action is required. Learnings from the Zero Day Quest will be shared across Microsoft to help improve Cloud and AI security in alignment with SFI’s core principles: securing by default, by design, and in operations,” the company notes.

The Zero Day Quest contest is subject to the terms of Microsoft’s bug bounty program, and additional terms and conditions for both the challenge and the exclusive event. Instructions on how to submit reports can be found on the MSRC Researcher Portal.

Related: Microsoft Boosts .NET Bounty Program Rewards to $40,000

Related: The UK Brings Cyberwarfare Out of the Closet

Related: Report Shows How Long It Takes Ethical Hackers to Execute Attacks

Related: US State Department Launches Cyberspace and Digital Diplomacy Bureau

Latest News

CYBERNEWSMEDIAPublisher