Hackers Score Nearly $1M at Device-Focused Pwn2Own Contest
Offensive security researchers found 63 previously unreported vulnerabilities in printers, phones, and network-attached storage devices in the Zero Day Initiative's latest hackathon.
Stay informed on the latest in cyber contests with in-depth analysis on infosec challenges and competitions. Sharpen your security skills with us!
Search across headline titles and summaries.
Background for this topic.
Contest in information security describes competitive events where participants solve challenges related to hacking, defense, or secure coding. Common formats include capture-the-flag (CTF) contests, where teams exploit vulnerabilities or secure systems under time constraints. These contests simulate real-world attack and defense scenarios, testing skills like vulnerability analysis, exploitation, cryptography, and incident handling.
Security contests matter because they expose participants to practical attack techniques and defensive strategies, improving hands-on expertise. However, contest environments can also reveal undisclosed vulnerabilities or novel exploits that may later be weaponized if not responsibly disclosed. Organizers and participants must carefully manage sensitive findings to avoid unintended exposure, making contests relevant to vulnerability management and secure development practices.
Offensive security researchers found 63 previously unreported vulnerabilities in printers, phones, and network-attached storage devices in the Zero Day Initiative's latest hackathon.
Which is pocket change compared to what criminals will pay for zero-days, but thankfully community spirit remains strong Pwn2Own paid out almost $1 million to bug hunters at last week's consumer product hacking event in Toronto, but the prize money wasn't big enough attract attempts at cracking the iPhone or Google Pixel because miscreants can score far more from less wholesome sources.…