The exploit came barely a day after another researcher at Pwn2Own demonstrated code execution on Microsoft Teams, which, like Zoom, has seen a surge in use since the global COVID-19 pandemic forced an increase in remote work at many organizations. The two exploits and several others against Microsoft Exchange Server, Windows 10, and other technologies have served as a further reminder of just how vulnerable some core enterprise software and communication products are to modern attacks. One of the biggest trends we see is that the participants continue to evolve and adapt to the targets, says Brian Gorenc, senior director of vulnerability research and head of ZDI at Trend Micro, which organizes the event each year. Even as vendors make exploitation more difficult, contestants find a path to win.