Microsoft awarded $2.3 million to security researchers at its 2026 Zero Day Quest hacking contest, receiving nearly 700 submissions. Over 80 high-impact cloud and AI vulnerabilities were identified, including credential exposure, SSRF chains, and cross-tenant access issues. The event is part of Microsoft's Secure Future Initiative (SFI), launched after a U.S. DHS report criticized the company's security culture. The prize pool for this year's contest was $5 million, up from $4 million in 2025 when $1.6 million was paid out. Microsoft also recently expanded its bug bounty program to cover vulnerabilities in third-party code used in its online services.
Table of contents
Related Articles:Sort: