Microsoft awards $2.3M for cloud and AI vulnerabilities identified during Zero Day Quest 2026
Summary
Hide ▲
Show ▼
Microsoft awarded $2.3 million to security researchers following the 2026 Zero Day Quest hacking contest, where over 80 high-impact cloud and AI security vulnerabilities were identified. The event, held at Microsoft’s Redmond campus, engaged researchers from 20+ countries, including students and academics, who tested within authorized environments to identify critical flaws such as credential exposure, SSRF chains, and cross-tenant access risks. No customer data or tenant systems were accessed during testing. The total payout marks a significant investment in Microsoft’s Secure Future Initiative (SFI), aimed at improving Cloud and AI security by integrating findings across its engineering practices.
Timeline
-
15.04.2026 19:20 1 articles · 2h ago
Zero Day Quest 2026 results in $2.3M bounty payout for cloud and AI vulnerabilities
Microsoft awarded $2.3 million in bounties for 80+ high-impact cloud and AI security vulnerabilities identified by researchers during the Zero Day Quest 2026 hacking contest. Vulnerabilities included credential exposure, SSRF chains, and cross-tenant access risks, tested within authorized environments without accessing customer data or tenant systems. The event engaged researchers globally and is part of Microsoft’s Secure Future Initiative (SFI) to improve cloud and AI security.
Show sources
- Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest — www.bleepingcomputer.com — 15.04.2026 19:20
Information Snippets
-
Over 80 high-impact cloud and AI security vulnerabilities were confirmed during the Zero Day Quest 2026 event, including credential exposure, SSRF chains, and cross-tenant access risks.
First reported: 15.04.2026 19:201 source, 1 articleShow sources
- Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest — www.bleepingcomputer.com — 15.04.2026 19:20
-
A total of $2.3 million in bounty awards was distributed to researchers, following nearly 700 vulnerability submissions during the contest.
First reported: 15.04.2026 19:201 source, 1 articleShow sources
- Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest — www.bleepingcomputer.com — 15.04.2026 19:20
-
The 2026 Zero Day Quest event involved researchers from more than 20 countries, including participants ranging from high school students to college professors.
First reported: 15.04.2026 19:201 source, 1 articleShow sources
- Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest — www.bleepingcomputer.com — 15.04.2026 19:20
-
Microsoft’s 2026 Zero Day Quest offered a $5 million prize pool, described as the largest hacking event in history.
First reported: 15.04.2026 19:201 source, 1 articleShow sources
- Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest — www.bleepingcomputer.com — 15.04.2026 19:20
-
The Zero Day Quest is part of Microsoft’s Secure Future Initiative (SFI), launched in November 2023 to address identified security culture deficiencies.
First reported: 15.04.2026 19:201 source, 1 articleShow sources
- Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest — www.bleepingcomputer.com — 15.04.2026 19:20
-
Microsoft previously paid $1.6 million in rewards for over 600 submissions during the 2025 Zero Day Quest, which focused on cloud and AI product vulnerabilities.
First reported: 15.04.2026 19:201 source, 1 articleShow sources
- Microsoft pays $2.3M for cloud and AI flaws at Zero Day Quest — www.bleepingcomputer.com — 15.04.2026 19:20