We have another collision. Team Viettel used two bugs to exploit the Lexmark CX532adwe. While their heap based buffer over was unique, the other bug has been seen earlier in the contest. They still earn $7,500 and 1.5 Master of Pwn points. #Pwn2Own

Confirmed! namnp of Viettel Cyber Security used a crypto bypass and a heap overflow to exploit the Phillips Hue Bridge. They earn $20,000 and 4 Master of Pwn points, which catapults them in the Top 5. It also puts us over $1,000,000 for the contest! #Pwn2Own

Another confirmation! Dinh Ho Anh Khoa (@_l0gg) and Phan Vinh Khang (@pivik_) of Viettel Cyber Security used a unique command injection and two bugs that collided with previous bugs to exploit the Home Automation Green. They earn $12,500 and 2.75 Master of Pwn points. #Pwn2Own

🏠Boom! @ViettelCyberSec kicks off Day 2 of #Pwn2Own Ireland as they slip past the @home_assistant Green’s defenses! Smart home, smarter hack. They head off for the first disclosure of the day. #P2OIreland

Our researcher Khoa Dinh just published his findings for ToolShell Check it here

🚨 VCS warns of active attacks on a critical SharePoint vuln we first discovered & reported. Hackers can bypass auth & take over on-prem servers. 📌 Read our guidance: prevention, detection, hunting & more. https://t.co/nbzLcN0rWp

🌟 Huge shoutout to our brilliant researcher @_l0gg for discovering the critical SharePoint vulnerability at Pwn2Own Berlin! 🔍 His in-depth analysis of the widely exploited ToolShell flaw is a must-read for the cybersecurity community.

🚨 Shocking impact from the SharePoint vulnerability we found at Pwn2Own! 😱 Despite our efforts to patch it 🤝, many systems are still at risk ⚠️. Secure yours now! 🔒 Details:

Viettel Cyber Security Press Release for Customer alert, Latest research and Recommendations. Blog is comming https://t.co/JY6zGnTg6T #SharePoint #ToolShell

That brings Day Two of #Pwn2Own Berlin. So far, we have awarded $695,000 for 20 unique 0-days. STAR Labs has a commanding lead in Master of Pwn points and seem untouchable. Tune in tomorrow for the final day to see how it ends!

Confirmed! Viettel Cyber Security (@vcslab) used an OOB Write for their Guest-to-Host escape on #Oracle VirtualBox. The earn themselves $40,000 and 4 Master of Pwn points.

Blockbuster from @_l0gg Congratulation 🥳🥳🥳

First successful entry for the Pwn2Own Berlin 2025 from our team 🍾🍾🍾

🚨 Pwn2Own Automotive 2025 is a wrap! 🚗💥 🎉 We proudly made it to the Top 5 teams in our debut in the Automotive category! With 4 entries, 8.75 points, and $53,750 awarded, we’re just getting started in this exciting new field. 💪 Here's to more breakthroughs ahead! 🌍🔥

After 2 thrilling days, our journey has come to an end, and guess what? Our white-hat hacker team is proudly in the Top 5 of the world’s greatest! 📷📷 Now it’s time to pack those trophies, head back to Vietnam, and celebrate Tet! 📷📷 Welcome home, our champions @vcslab

In an #Pwn2Own After Dark entry, the team from @vcslab exploited the Sony XAV-AX8500, but the bug they used was previously know. They earn $5,000 and 1 Master of Pwn point. #P2OAuto #Pwn2Own

初日が無事に終了しました。ご支援いただき、本当にありがとうございます。明日もさらに多くの勝利が待っています！#アルパイン #Kenwood Our first day has come to an end with two successful exploitations 😊 and we got into Top 5 Thank you for your support. More victories await us

Confirmed! @vcslab used an OS command injection bug to exploit the #Kenwood IVI for code execution. They win $20,000 and 2 Master of Pwn points.

🚨Proud to join Pwn2Own Tokyo 2025! 🌏💥 💪 Ready to take on the challenge and own it! 🔥 #CyberSecurity #Pwn2Own #vcslab #Viettel

Rock on🤘🤘🤘 It is interesting to hear the legendary stories surrounding the rocks here. #Pwn2Own #Ireland #MasterOfPwn