Microsoft has awarded $2.3 million to security researchers after receiving nearly 700 submissions during this year's Zero Day Quest hacking contest. Tom Gallagher, Vice President of Engineering at Microsoft Security Response Center (MSRC), said that over 80 flaws found during the live event at Microsoft's Redmond campus were high-impact cloud and AI security vulnerabilities. "During the 2026 live hacking event, Microsoft partnered with the global security research community, representing more than 20 countries and a wide range of professional backgrounds, from high school students to college professors," Gallagher said. "Researchers conducted all testing within authorized environments in accordance with Microsoft's Rules of Engagement, demonstrating potential impact without accessing customer data or other tenant systems. Within these constraints, researchers identified critical paths involving credential exposure, SSRF chains, and cross‑tenant access." Last August, Microsoft announced that it would increase the prize pool at this year's Zero Day Quest hacking contest to $5 million in bounty awards, which the company described as the "largest hacking event in history." The 2025 Zero Day Quest also generated significant participation from the security community, following Microsoft's offer of $4 million in rewards for vulnerabilities in cloud and AI products and platforms. After the hacking competition concluded, Microsoft announced it had paid $1.6 million in rewards after receiving more than 600 vulnerability submissions. The Zero Day Quest contest is part of Microsoft's Secure Future Initiative (SFI), a cybersecurity engineering effort launched in November 2023, following a scathing report from the Cyber Safety Review Board of the U.S. Department of Homeland Security that found the company's security culture "inadequate" and requiring "an overhaul."