Original post on openbiblio.social

"Jede Regel hat eine Geschichte" - was wohl die hinter dieser hier bei #pwn2own ist?
"In addition, [...] employees of [...] all libraries, including public, private school, college or university, research, and private libraries can participate in the Contest only if you are doing so outside of […]

Zero Day Initiative — Announcing Pwn2Own Berlin for 2026 If you just want to read the contest rules, click here .   Willkommen zurück, meine Damen und Herren, zu unserem zweiten Wettbewerb in Berlin! That’s correct (if Google translate didn’t s...

Announcing #Pwn2Own Berlin 2026! We've got 10 categories for targets, including an expanded #AI target list. We have 4 AI categories - including coding agents (looking at you #Claude). More than $1,000,000 in cash & prizes available. Read the details at www.zerodayinitiative.com/blog/2026/3/...

Swipe, Plug-in, Pwned: Researchers Find New Ways to Hack Vehicles Security researchers exploited dozens of vulnerabilities in vehicle infotainment systems and EV chargers in the latest Pwn2Own at Automotive World 2026.

Swipe your card, own the charger. Plug in the cable, own the car. The road to the future is paved with zero-days and nobody bothered to fill the potholes. #Pwn2Own

自動車業界の未来を守る！ゼロデイ脆弱性コンテスト「Pwn2Own Automotive 2026」が盛況裏に終了 世界中のリサーチャーが集結した「Pwn2Own Automotive 2026」。ゼロデイ脆弱性の発見と実証を通じ、自動車セキュリティの重要性が再確認された大会の詳細をお届けします。

自動車業界の未来を守る！ゼロデイ脆弱性コンテスト「Pwn2Own Automotive 2026」が盛況裏に終了 #東京都 #新宿区 #VicOne #トレンドマイクロ #Pwn2Own

世界中のリサーチャーが集結した「Pwn2Own Automotive 2026」。ゼロデイ脆弱性の発見と実証を通じ、自動車セキュリティの重要性が再確認された大会の詳細をお届けします。

[RSS] When NAS Vendors Forget How TLS Works


www.interruptlabs.co.uk ->

#QNAP #Synology #Pwn2Own #NoCVE


Original->

Pwn2Own Automotive: 76 Zero-Days Disclosed

~Trendmicro~
Researchers earned over $1M for disclosing 76 zero-day vulnerabilities in connected vehicle systems at Pwn2Own Automotive.
-
IOCs: (None identified)
-
#Pwn2Own #ThreatIntel #ZeroDay

Playing Doom on EV Chargers: Pwn2Own Automotive 2026 Uncovers 76 Zero-Days, Pays $1M - WinBuzzer Pwn2Own Automotive 2026 has uncovered 76 zero-day vulnerabilities in Tesla systems, EV chargers, and vehicle platforms, with researchers earning $1,047,000.

winbuzzer.com/2026/01/26/p...

Playing Doom on EV Chargers: Pwn2Own Automotive 2026 Uncovers 76 Zero-Days, Pays $1M

#Pwn2Own #Cybersecurity #Security #ZeroDayVulnerabilities #Hacking #Tesla #ElectricVehicles #Exploits #Hackers

On the clock: Escaping VMware Workstation at Pwn2Own Berlin 2025 On the clock: Escaping VMware Workstation at Pwn2Own Berlin 2025

At #Pwn2Own Berlin 2025, a full exploit chain against VMware Workstation was demonstrated via a heap overflow in the PVSCSI controller.
Despite Windows 11 LFH mitigations, advanced heap shaping and side-channel techniques enabled a reliable exploit.

🔍 www.synacktiv.com/en/publicati...

Hackers get $1,047,000 for 76 zero-days at Pwn2Own Automotive 2026 Pwn2Own Automotive 2026 has ended with security researchers earning $1,047,000 after exploiting 76 zero-day vulnerabilities between January 21 and January 23. [...]

Hackers get $1,047,000 for 76 zero-days at #Pwn2Own Automotive 2026

www.bleepingcomputer.com/news/security/hackers-ge...

#cybersecurity #IoT #cars

Infotainment, EV Charger Exploits Earn $1M at Pwn2Own Automotive 2026 - Slashdot Trend Micro's Zero Day Initiative sponsored its third annual Pwn2Own Automotive competition in Tokyo this week, receiving 73 entries, the most ever for a Pwn2Own event. "Under Pwn2Own rules, all disclosed vulnerabilities are reported to affected vendors through ZDI," reports Help Net Security, "w...

Hackers pwn cars & chargers! 🤯 Doom on a supercharger?! $1M+ in bugs found. 🚗⚡️ #Pwn2Own

Source: it.slashdot.org/story/26/01/25/0131222/i...

📰 Pwn2Own Automotive 2026 Hadiahi Peneliti Keamanan Lebih dari USD 1 Juta untuk 76 Zero-Day

👉 Baca artikel lengkap di sini: ahmandonk.com/2026/01/24/pwn2own-autom...

#ev #charger #hacking #infotainment #mobil #keamanan #siber #otomotif #pwn2own #zero-day

On the podium at #Pwn2Own Automotive 2026 🥉

Synacktiv ranked 3rd in Tokyo 🇯🇵 after successful attacks on #Tesla Infotainment (USB), #Sony XAV-9500ES (USB) and #Autel MaxiCharger (NFC).

📍 Next stop: Berlin!

$1,047,000 - 76 unique 0-day vulnerabilities - three days of incredible research on display. #Pwn2Own Automotive had it all: bold exploits, clever techniques, and collisions. Congrats to Fuzzware.io (@ScepticCtf, @diff_fusion, @SeTcbPrivilege), Master of Pwn with $215,500 and 28 points! #P2OAuto

📰 29 Zero-Day Dieksploitasi di Hari Kedua Pwn2Own Automotive 2026

👉 Baca artikel lengkap di sini: ahmandonk.com/2026/01/23/pwn2own-autom...

#ev #charger #infotainment #mobil #keamanan #otomotif #pwn2own #pwn2own #automotive #zero-day

Collision! Ryo Kato (@Pwn4S0n1c) targeted the Autel MaxiCharger AC Elite Home 40A, demonstrating a three-bug chain but encountering one collision, still earning $16,750 USD and 3.5 Master of Pwn points. #Pwn2Own #P2OAuto

Verified! Nam Ha Bach and Vu Tien Hoa of the FPT NightWolf Team targeted the Alpine iLX-F511, exploiting one unique vulnerability to gain root access and earning $5,000 USD and 2 Master of Pwn points. #Pwn2Own #P2OAuto

Confirmed! Elias Ikkelä-Koski and Aapo Oksman of Juurin Oy targeted the Kenwood DNR1007XR, demonstrating a link-following vulnerability to earn $5,000 USD and 2 Master of Pwn points. #Pwn2Own #P2OAuto

Collision. Autocrypt (Hoyong Jin, Jaewoo Jeong, Chanhyeok Jung, Minsoo Son, and Kisang Choi) targeted the Alpine iLX-F511, demonstrating two vulnerabilities to gain root access. One collided with a previously known issue, earning $3,000 USD and 1.25 Master of Pwn points. #Pwn2Own #P2OAuto

Hackers exploit 29 zero-days on second day of Pwn2Own Automotive Hackers collect $439,250 after exploiting 29 zero-day vulnerabilities on the second day of Pwn2Own Automotive 2026.

Hackers exploit 29 zero-days on second day of #Pwn2Own Automotive

www.bleepingcomputer.com/news/security/hackers-ex...

#cybersecurity #IoT #cars

Collision! Nguyen Thanh Dat (@rewhiles) of Viettel Cyber Security (@vcslab) targeted the Kenwood DNR1007XR, demonstrating one bug but encountering a collision, earning $2,500 USD and 1 Master of Pwn point. #Pwn2Own #P2OAuto

Boom! or shall I say Doom? Game On! Aapo Oksman, Elias Ikkelä-Koski and Mikael Kantola of Juurin Oy exploit the Alpitronic HYC50 with a TOCTOU bug - and installed a playable version of Doom to boot. They earn $20,000 and 4 Master of Pwn points. #Pwn2Own #P2OAuto

Collision! Qrious Secure (@qriousec) targeted the Kenwood system, demonstrating three bugs - one n-day and two unique vulnerabilities (incorrect permission assignment and a race condition), earning $4,000 USD and 1.75 Master of Pwn points. #Pwn2Own #P2OAuto

Confirmed! Viettel Cyber Security (@vcslab) targeted the Sony XAV‑9500ES, exploiting a heap‑based buffer overflow to achieve arbitrary code execution, earning $10,000 USD and 2 Master of Pwn points. #Pwn2Own #P2OAuto

Verified! Bongeun Koo (@kiddo_pwn) and Evangelos Daravigkas (@freddo_1337) of Team DDOS targeted the Alpine iLX‑F511, exploiting a stack‑based buffer overflow to earn $5,000 USD and 2 Master of Pwn points. #Pwn2Own #P2OAuto

Confirmed! PetoWorks (@petoworks) targeted the Grizzl-E Smart 40A, exploiting one buffer overflow bug, and earned $10,000 USD and 4 Master of Pwn points. #Pwn2Own #P2OAuto

Collision! Team MST targeted the Kenwood DNR1007XR, demonstrating one bug but running into a collision, earning $2,500 USD and 1 Master of Pwn point. #Pwn2Own #P2OAuto

Another collision! Slow Horses of Qrious Secure (@qriousec) targeted the Grizzl-E Smart 40A but encountered two bug collisions, still earning $5,000 USD and 2 Master of Pwn points. #Pwn2Own #P2OAuto

Collision! Tobias Scharnowski (@ScepticCtf), Felix Buchmann (@diff_fusion), and Kristian Covic (@SeTcbPrivilege) of Fuzzware.io targeted the Alpine iLX-F511, demonstrating one vulnerability previously used by another contestant, earning $2,500 USD and 1 Master of Pwn point. #Pwn2Own #P2OAuto

Day 3 of Pwn2Own Automotive 2026 is here - the final push. Bold attempts. High stakes. One last day. #Pwn2Own #P2OAuto