Orange Tsai Wins 375000 at Pwn2Own Berlin, Google Tests Cloud Storage Reductions

Orange Tsai Claims 375000 Dollar Prize at Pwn2Own Berlin for Microsoft Exploits

• Orange Tsai earned 175000 dollars by escaping Microsoft Edge sandbox.
• Additional 200000 dollars payout followed Microsoft Exchange server compromise.
• Total earnings hit 375000 dollars across two days at Berlin event.

BERLIN, GERMANY, May 15 (TNGB) – Security researcher Orange Tsai reportedly chained four logic bugs to escape the Microsoft Edge sandbox during the Pwn2Own Berlin 2026 contest organized by the Zero Day Initiative. The first-day demonstration earned him a 175000 dollar payout from contest organizers. On the second day he reportedly compromised a Microsoft Exchange server in the server category and secured an additional 200000 dollars. His combined total reached 375000 dollars from two separate exploits completed within 24 hours at the Berlin venue.

Successive high-value exploits at Pwn2Own expose persistent weaknesses in widely deployed enterprise software.

Why This Matters: Public demonstrations of chained vulnerabilities accelerate vendor patch timelines and improve defensive priorities for critical applications.

Japanese Pokémon Store Cuts Corners of Booster Packs to Deter Scalpers

• Store policy involves cutting corners on Pokémon booster packs.
• Action reportedly removes resale value to discourage scalpers.
• Goal is to benefit regular customers by curbing price inflation.

TOKYO, JAPAN, May 15 (TNGB) – A Pokémon store in Japan reportedly began cutting the corners of booster packs sold in physical locations. This physical change reportedly renders the packaging unusable for verified resale on secondary markets. Store operators stated the measure targets scalpers who purchase large volumes and resell at markups. Regular customers reportedly benefit from more consistent stock availability and reduced price pressure on popular sets.

Direct packaging damage offers a practical defense against collectible market exploitation.

Why This Matters: Retail-level interventions can stabilize product access for everyday buyers while disrupting organized resale activity.

Google Tests Default 5GB Free Cloud Storage for New Accounts with Verification for Full 15GB

• Google tests default free storage of 5GB for newly created accounts.
• Full 15GB tier reportedly requires phone or security verification steps.
• Longstanding standard allocation has been 15GB for verified users.

USA, May 15 (TNGB) – Google reportedly tests a revised policy that sets the default free cloud storage tier at 5GB for new accounts. Users can reportedly unlock the full longstanding 15GB allocation by completing phone number verification or additional security measures during signup. The company confirmed the testing targets new account creation processes amid storage management reviews. This differs from prior automatic provision of 15GB to all accounts without extra steps.

Default tier testing encourages verification while preserving higher limits for confirmed users.

Why This Matters: Changes to entry-level storage defaults influence new user onboarding and long-term platform engagement patterns.

Avada Builder WordPress Plugin Flaws Open Door to Site Credential Theft

• Vulnerabilities in Avada Builder plugin allow credential theft on sites.
• Flaws reportedly affect WordPress installations using the popular builder tool.
• Users face risks of unauthorized access to website accounts and data.

USA, May 15 (TNGB) – Security researchers reportedly identified flaws in the Avada Builder WordPress plugin that permit theft of site administrator credentials. The vulnerabilities reportedly enable attackers to compromise websites built with the widely adopted tool. Site owners could face unauthorized account access or data exposure if the issues remain unpatched. Developers reportedly received pressure to issue updates given the plugin’s extensive user base.

Flaws in the Avada Builder plugin create serious risks to WordPress site security and user credentials.

Why This Matters: Weaknesses in popular content management plugins can expose large numbers of websites to credential compromise.

Microsoft Changes Edge Browser Policy to Stop Loading Passwords in Memory on Startup

• Microsoft backpedaled on Edge loading passwords into memory at startup.
• Update reportedly prevents potential exposure of stored credentials.
• Change addresses security concerns over memory handling practices.

USA, May 15 (TNGB) – Microsoft reportedly adjusted Edge browser startup behavior to stop loading saved passwords into system memory. The change reportedly reduces the timeframe during which credential data remains accessible to memory-scanning attacks. The company acknowledged prior practices had raised concerns among security researchers. Updated browser versions reportedly apply the revised memory handling approach to limit exposure.

Browser memory management changes aim to strengthen protection for stored user credentials.

Why This Matters: Modifications to how browsers manage sensitive data in memory reduce opportunities for credential-harvesting techniques.

WhatsApp Keeps End to End Encryption but Instagram DMs Do Not Match Privacy Standards

• WhatsApp continues to protect messages with end to end encryption.
• Instagram direct messages reportedly lack equivalent privacy protections.
• Users should assume Meta can access Instagram chat content.

USA, May 15 (TNGB) – Privacy researchers reportedly note that WhatsApp maintains end-to-end encryption for personal messages exchanged between users. Instagram direct messages reportedly operate without the same encryption standard, allowing platform access to content. Meta reportedly retains visibility into Instagram chats for safety, moderation, and operational purposes. The difference reportedly leads users to select platforms based on the sensitivity of specific conversations.

Platform differences in encryption require users to select tools matching their privacy priorities.

Why This Matters: Distinct encryption standards across services enable users to align choices with confidentiality requirements.

Police to Use Facial Recognition Technology at Protests for First Time

• Facial recognition deployment at protests marks a first for police.
• Technology use reportedly begins tomorrow at upcoming events.
• Civil rights organizations have expressed concerns about privacy impacts.

LONDON, UNITED KINGDOM, May 15 (TNGB) – Police reportedly prepare to deploy facial recognition technology at protests for the first time on the following day. The system reportedly performs real-time scanning to identify individuals within demonstration crowds. Civil liberties groups reportedly raised concerns regarding data retention, accuracy rates, and potential scope of use. Authorities reportedly have not released comprehensive details on image storage or match retention policies.

Expanded surveillance tools at public gatherings raise questions about balancing security and privacy rights.

Why This Matters: Initial deployment of facial recognition during protests establishes operational precedents for biometric monitoring of assemblies.

Independent Studies Confirm Anthropic Claude Mythos and OpenAI GPT 5.5 Outpace AI Trend Lines

• Two studies examined performance of Anthropic Claude Mythos Preview.
• OpenAI GPT 5.5 also exceeded previous researcher trend expectations.
• Both models reportedly advanced beyond tracked performance benchmarks significantly.

USA, May 15 (TNGB) – Two independent research teams reportedly evaluated capability trends in recent frontier AI models. The Anthropic Claude Mythos Preview reportedly exceeded every performance trajectory analysts had monitored in prior assessments. OpenAI’s GPT 5.5 similarly surpassed established projection curves according to separate study results. Researchers reportedly concluded that progress occurred faster than earlier models had led forecasters to expect.

Rapid AI capability gains continue to challenge existing forecasts and expectations in the field.

Why This Matters: Accelerated model performance gains influence safety research priorities, investment decisions, and regulatory timelines.

Honda Introduces New Hybrid Vehicles for American Market Amid EV Financial Losses

• Honda unveiled new hybrid models targeted at US buyers.
• Company reportedly absorbed 9 billion dollars in EV related losses.
• Shift reportedly emphasizes hybrids alongside electric vehicle development.

USA, May 15 (TNGB) – Honda reportedly introduced new hybrid vehicle models designed for the American market in recent presentations. The automaker simultaneously reported absorbing approximately 9 billion dollars in losses tied to its electric vehicle initiatives. The hybrid emphasis reportedly functions as a transitional strategy while electric vehicle infrastructure and consumer adoption continue evolving. This approach reportedly provides buyers with additional powertrain choices during market shifts.

Hybrid focus provides automakers flexibility during transitions in vehicle technology and consumer demand.

Why This Matters: Hybrid lineups help manufacturers address regulatory requirements and buyer preferences while managing costs from electric vehicle development.

Casimir Force Adapted by Researchers for Potential Free Energy Applications

• Scientists reportedly adapted the Casimir force for energy generation experiments.
• Project reportedly explores quantum vacuum effects for practical power.
• Development reportedly avoids reliance on traditional energy sources.

USA, May 15 (TNGB) – Researchers reportedly investigated methods to harness the Casimir force, a quantum vacuum effect between surfaces, for energy-related concepts. The phenomenon reportedly generates measurable forces in vacuum environments and is now under study for potential energy extraction applications. Early laboratory work reportedly focuses on converting these effects into usable forms without conventional fuel inputs. The research reportedly remains in experimental stages with substantial engineering challenges remaining.

Scientists explore Casimir force as basis for unconventional free energy generation methods.

Why This Matters: Quantum vacuum research may eventually contribute alternative approaches to energy generation beyond existing renewable technologies.