Security News

Synology hurries out patches for zero-days exploited at Pwn2Own
2024-11-01 16:38

Synology, a Taiwanese network-attached storage (NAS) appliance maker, patched two critical zero-days exploited during last week's Pwn2Own hacking competition within days. [...]

QNAP patches second zero-day exploited at Pwn2Own to get root
2024-10-30 17:36

QNAP has fixed a second zero-day vulnerability exploited at the Pwn2Own Ireland 2024 hacking contest to gain a root shell and take over a TS-464 NAS device. [...]

QNAP fixes NAS backup software zero-day exploited at Pwn2Own
2024-10-29 17:35

QNAP has fixed a critical zero-day vulnerability exploited by security researchers on Thursday to hack a TS-464 NAS device during the Pwn2Own Ireland 2024 competition. [...]

Over 70 zero-day flaws get hackers $1 million at Pwn2Own Ireland
2024-10-26 09:42

The fourth day of Pwn2Own Ireland 2024 marked the end of the hacking competition with more than $1 million in prizes for over 70 unique zero-day vulnerabilities in fully patched devices. [...]

QNAP, Synology, Lexmark devices hacked on Pwn2Own Day 3
2024-10-25 06:57

The third day of Pwn2Own Ireland 2024 continued to showcase the expertise of white hat hackers as they exposed 11 zero-day vulnerabilities, adding $124,750 to the total prize pool, which now...

Samsung Galaxy S24 and Sonos Era hacked on Pwn2Own Ireland Day 2
2024-10-24 14:01

On the second day of Pwn2Own Ireland 2024, competing white hat hackers showcased an impressive 51 zero-day vulnerabilities, earning a total of $358,625 in cash prizes. [...]

Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland
2024-10-23 14:01

On the first day of Pwn2Own Ireland, participants demonstrated 52 zero-day vulnerabilities across a range of devices, earning a total of $486,250 in cash prizes. [...]

Apple fixes Safari WebKit zero-day flaw exploited at Pwn2Own
2024-05-14 15:56

Apple has released security updates to fix a zero-day vulnerability in the Safari web browser exploited during this year's Pwn2Own Vancouver hacking competition. [...]

VMware fixes three zero-day bugs exploited at Pwn2Own 2024
2024-05-14 14:48

VMware fixed four security vulnerabilities in the Workstation and Fusion desktop hypervisors, including three zero-days exploited during the Pwn2Own Vancouver 2024 hacking contest. Theori security researchers Gwangun Jung and Junoh Lee also went home with $130,000 in cash for escaping a VMware Workstation VM to gain code execution as SYSTEM on the host Windows OS using an exploit chain targeting three vulnerabilities: an uninitialized variable bug, a UAF weakness, and a heap-based buffer overflow.

Google fixes one more Chrome zero-day exploited at Pwn2Own
2024-04-03 16:39

Google has fixed another zero-day vulnerability in the Chrome browser, which was exploited by security researchers during the Pwn2Own hacking contest last month. One week ago, Google fixed two more Chrome zero-days exploited at Pwn2Own Vancouver 2024.