InfoSecBulletin Cybersecurity for mankind
Pwn2Own Automotive 2026 concluded with security researchers earning $1,047,000 for exploiting 76 zero-day vulnerabilities from January 21 to January 23.
The Pwn2Own Automotive hacking competition focused on car technologies and occurred this week in Tokyo, Japan, during the Automotive World conference.
LastPass says hackers stole customer data via Klue, supply chain breach
New Apple Exploit Bypasses Boot Defenses, Possibly Affects Millions of iPhones Worldwide
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
Hackers focused on fully updated in-vehicle infotainment systems, electric vehicle chargers, and car operating systems during the contest.
Vendors have 90 days to create security fixes for zero-day exploits reported during the Pwn2Own contest before TrendMicro’s Zero Day Initiative makes them public.
Team Fuzzware.io won the Pwn2Own Automotive 2026 contest, earning $215,000, followed by Team DDOS with $100,750 and Synactiv with $85,000.
Fuzzware.io made $118,000 by hacking an Alpitronic HYC50 Charging Station, an Autel charger, and a Kenwood DNR1007XR navigation receiver on the first day.
They received $95,000 for finding zero-day vulnerabilities in the Phoenix Contact CHARX SEC-3150, ChargePoint Home Flex EV charger, and Grizzl-E Smart 40A EV charger on the second day. They also earned $2,500 for a bug collision while trying to root an Alpine iLX-F511 multimedia receiver on the final day of the contest.
The Synacktiv Team earned $35,000 for exploiting an out-of-bounds write flaw and an information leak to hack the Tesla Infotainment System using a USB-based attack on the first day of Pwn2Own.
The schedule and results for the third day are available here, as well as the complete schedule for Pwn2Own Automotive 2026. In Pwn2Own Automotive 2024, hackers earned $1,323,750 by exploiting 49 zero-day bugs and hacking a Tesla twice. Last year, they made $886,250 for 49 zero-days during Pwn2Own Automotive 2025.
