Security News

Over 70 zero-day flaws get hackers $1 million at Pwn2Own Ireland
2024-10-26 09:42

The fourth day of Pwn2Own Ireland 2024 marked the end of the hacking competition with more than $1 million in prizes for over 70 unique zero-day vulnerabilities in fully patched devices. [...]

QNAP, Synology, Lexmark devices hacked on Pwn2Own Day 3
2024-10-25 06:57

The third day of Pwn2Own Ireland 2024 continued to showcase the expertise of white hat hackers as they exposed 11 zero-day vulnerabilities, adding $124,750 to the total prize pool, which now...

Samsung Galaxy S24 and Sonos Era hacked on Pwn2Own Ireland Day 2
2024-10-24 14:01

On the second day of Pwn2Own Ireland 2024, competing white hat hackers showcased an impressive 51 zero-day vulnerabilities, earning a total of $358,625 in cash prizes. [...]

Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland
2024-10-23 14:01

On the first day of Pwn2Own Ireland, participants demonstrated 52 zero-day vulnerabilities across a range of devices, earning a total of $486,250 in cash prizes. [...]

Apple fixes Safari WebKit zero-day flaw exploited at Pwn2Own
2024-05-14 15:56

Apple has released security updates to fix a zero-day vulnerability in the Safari web browser exploited during this year's Pwn2Own Vancouver hacking competition. [...]

VMware fixes three zero-day bugs exploited at Pwn2Own 2024
2024-05-14 14:48

VMware fixed four security vulnerabilities in the Workstation and Fusion desktop hypervisors, including three zero-days exploited during the Pwn2Own Vancouver 2024 hacking contest. Theori security researchers Gwangun Jung and Junoh Lee also went home with $130,000 in cash for escaping a VMware Workstation VM to gain code execution as SYSTEM on the host Windows OS using an exploit chain targeting three vulnerabilities: an uninitialized variable bug, a UAF weakness, and a heap-based buffer overflow.

Google fixes one more Chrome zero-day exploited at Pwn2Own
2024-04-03 16:39

Google has fixed another zero-day vulnerability in the Chrome browser, which was exploited by security researchers during the Pwn2Own hacking contest last month. One week ago, Google fixed two more Chrome zero-days exploited at Pwn2Own Vancouver 2024.

Google fixes Chrome zero-days exploited at Pwn2Own 2024
2024-03-27 18:44

Google fixed seven security vulnerabilities in the Chrome web browser on Tuesday, including two zero-days exploited during the Pwn2Own Vancouver 2024 hacking competition. Google fixed the two zero-days in the Google Chrome stable channel, version 123.0.6312.86/.87 for Windows and Mac and 123.0.6312.86 for Linux users, which will roll out worldwide over the coming days.

Mozilla fixes two Firefox zero-day bugs exploited at Pwn2Own
2024-03-22 17:45

Mozilla has released security updates to fix two zero-day vulnerabilities in the Firefox web browser exploited during the Pwn2Own Vancouver 2024 hacking competition. Mozilla fixed the security flaws in Firefox 124.0.1 and Firefox ESR 115.9.1 to block potential remote code execution attacks targeting unpatched web browsers on desktop devices.

Hackers earn $1,132,500 for 29 zero-days at Pwn2Own Vancouver
2024-03-22 05:13

Pwn2Own Vancouver 2024 has ended with security researchers collecting $1,132,500 after demoing 29 zero-days. Vendors have 90 days to release security fixes for zero-day vulnerabilities reported during Pwn2Own contests before TrendMicro's Zero Day Initiative discloses them publicly.