Microsoft's Zero Day Quest 2026 Offers $5M for Cloud, AI Vulnerabilities
Microsoft is gearing up for its second Zero Day Quest live hacking contest, set to take place in spring 2026. The tech giant is inviting security researchers worldwide to find and report critical vulnerabilities in its cloud and AI systems, with rewards totaling up to $5 million.
The contest, running from August 4 to October 4, 2025, focuses on Microsoft's Azure, Copilot, Dynamics 365, Power Platform, Identity, and M365 services. Researchers are encouraged to share their findings publicly after fixes, with Microsoft's support for various media platforms.
During the submission period from October 1, 2025, to November 15, 2025, researchers can earn up to a +50% bounty bonus for top findings. These exceptional submissions may also secure an invitation to the exclusive Live Hacking Event at Microsoft's Redmond campus in spring 2026.
Microsoft is committed to improving its security and is willing to disclose critical vulnerabilities through the CVE program, even if no user action is needed. The Zero Day Quest contest is a testament to this commitment, offering substantial rewards and recognition to those who help strengthen Microsoft's systems.
