Pwn2Own Vancouver 2024 hacking competition is over. Hackers earned $1,132,500 for showing 29 unique zero-days.
Participants in the Pwn2Own Vancouver 2024 hacking competition earned $1,132,500 for demonstrating 29 unique zero-days. On the first day, Team Synacktiv successfully demonstrated exploits against a Tesla car.
By infosecbulletin
/ Tuesday , April 1 2025
Israeli cybersecurity firm Check Point has responded to a hacker who claimed to have stolen valuable information from its systems....
Read More
By infosecbulletin
/ Tuesday , April 1 2025
Apple has issued an urgent security advisory about 3 critical zero-day vulnerabilities—CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085—that are being actively exploited in...
Read More
By infosecbulletin
/ Tuesday , April 1 2025
GreyNoise has detected a sharp increase in login scanning aimed at Palo Alto Networks PAN-OS GlobalProtect portals. In the past...
Read More
By infosecbulletin
/ Monday , March 31 2025
Canon has announced a critical security vulnerability, CVE-2025-1268, in printer drivers for its production printers, multifunction printers, and laser printers....
Read More
By infosecbulletin
/ Sunday , March 30 2025
RamiGPT is an AI security tool that targets root accounts. Using PwnTools and OpwnAI, it quickly navigated privilege escalation scenarios...
Read More
By infosecbulletin
/ Sunday , March 30 2025
Cybersecurity researcher Jeremiah Fowler recently revealed a sensitive data exposure involving the Australian fintech company Vroom by YouX, previously known...
Read More
By infosecbulletin
/ Sunday , March 30 2025
Safety Detectives' Cybersecurity Team found a forum post where a threat actor shared a .CSV file with over 200 million...
Read More
By infosecbulletin
/ Saturday , March 29 2025
The Federal Bureau of Investigation (FBI) is probing the cyberattack at Oracle (ORCL.N), opens new tab that has led to...
Read More
By infosecbulletin
/ Thursday , March 27 2025
OpenAI has increased its maximum bug bounty payout to $100,000, up from $20,000, to encourage the discovery of critical vulnerabilities...
Read More
By infosecbulletin
/ Thursday , March 27 2025
Splunk has released a security advisory about critical vulnerabilities in Splunk Enterprise and Splunk Cloud Platform. These issues could lead...
Read More
The researcher Manfred Paul (@_manfp) won the Master of Pwn earning $202,500 and 25 points.
Participants demonstrated several zero-day exploits against various products such as Apple Safari, Google Chrome, and Microsoft Edge browsers, Windows 11, Ubuntu Desktop, VMware Workstation, Oracle VirtualBox, and Tesla. On Day Two, Manfred Paul (@_manfp) managed to escape the sandbox in Mozilla Firefox by exploiting an OOB Write for the RCE and an exposed dangerous function bug. He was rewarded with $100,000 and 10 Master of Pwn points for this successful hack.

Seunghyun Lee, a researcher from KAIST Hacking Lab, used a UAF to remotely execute code in Microsoft Edge and Google Chrome. He earned $85,000 and 9 Master of Pwn points.
The STAR Labs SG team showed the first Docker desktop escape at the Pwn2Own hacking competition by using two vulnerabilities, including a UAF. They won $60,000 and 6 Master of Pwn points.
The complete list of results for the first Two of the Pwn2Own Vancouver 2024 hacking competition is available here:
https://www.zerodayinitiative.com/blog/2024/3/21/pwn2own-vancouver-2024-day-two-results
Vendors have 90 days to fix the vulnerabilities found during the Pwn2Own hacking competition before they are publicly disclosed by TrendMicro’s Zero Day Initiative.