Pwn2Own Berlin: The Full Schedule

JRViejo · May 15, 2025

Willkommen and welcome to the inuaguaral Pwn2Own Berlin! Not only is this our first time at the OffensiveCon conference, but it’s also our first time including an AI category in the event. We’ve assembled some of the finest security researchers in the world to test the security of these systems, and we can’t wait to see what happens.
Click to expand...

Pwn2Own Berlin: The Full Schedule by Dustin Childs

JRViejo · May 15, 2025

Welcome to the first day of Pwn2Own Berlin 2025! We have 11 different attempts, including our first ever AI attempts. We’ll be updating this blog with results as we have them.

And that bring Day One of #Pwn2Own Berlin to a close. We awarded $260,000 today, but more great research is yet to come. STAR Labs has an early lead on Master of Pwn, but it's anyone's game at this point. Stay tuned for more results as we go.
Click to expand...

Pwn2Own Berlin 2025: Day One Results by Dustin Childs

JRViejo · May 16, 2025

And that wraps up Day Two! We awarded $435,000, which brings the contest total to $695,000. With a third day still to come, there’s a very real chance we could reach the $1,000,000 threshold. The research demonstrated includes 20 unique 0-days. STAR Labs has a commanding lead in the Master of Pwn points, and it seems unlikely anyone will catch them. Tune in tomorrow to find out!
Click to expand...

Pwn2Own Berlin 2025: Day Two Results by Dustin Childs

JRViejo · May 17, 2025

And we are finished!! What an amazing three days of research. Today, we awarded $383,750, which brings the event total to $1,078,750! Congratulations to the STAR Labs SG team for winning Master of Pwn. They earned $$320,000 and 35 Master of Pwn points. During the event, we purchased (and disclosed) 28 unique 0-days - seven of which came from the AI category. Thanks to OffensiveCon for hosting the event, the participants for bringing their amazing research, and the vendors for acting on the bugs quickly.
Click to expand...

Pwn2Own Berlin 2025: Day Three Results by Dustin Childs

Sampei Nihira · May 17, 2025

Although Firefox has already patched exploits that have broken through its defenses, some of you, may have noticed that attackers have used HTTP links:

https://images.squarespace-cdn.com/...cdc-8ec6-c6ef19f4ba5f/Media.jpeg?format=2500w

https://images.squarespace-cdn.com/...b87f-3382a75246c0/Media (1).jpeg?format=2500w

it would have been easy to prevent these exploits.

summerheat · May 18, 2025

Background:

https://blog.mozilla.org/security/2025/05/17/firefox-security-response-to-pwn2own-2025/

ronjor · May 19, 2025

Hackers Earn Over $1 Million at Pwn2Own Berlin 2025

By Eduard Kovacs May 19, 2025
Pwn2Own participants demonstrated exploits against VMs, AI, browsers, servers, containers, and operating systems.
Click to expand...

Sampei Nihira · May 19, 2025

...... Neither of the attacks managed to break out of our sandbox, which is required to gain control over the user’s system.
Click to expand...

https://blog.mozilla.org/security/2025/05/17/firefox-security-response-to-pwn2own-2025/

And I would add that the attacks would also be blocked by the “Always HTTPS” feature if it was obviously set not to default.

Log in or Sign up

Pwn2Own Berlin: The Full Schedule

JRViejo Super Moderator

JRViejo Super Moderator

JRViejo Super Moderator

JRViejo Super Moderator

Sampei Nihira Registered Member

summerheat Registered Member

ronjor Global Moderator

Sampei Nihira Registered Member

Log in or Sign up

Pwn2Own Berlin: The Full Schedule

JRViejo Super Moderator

JRViejo Super Moderator

JRViejo Super Moderator

JRViejo Super Moderator

Sampei Nihira Registered Member

summerheat Registered Member

ronjor Global Moderator

Sampei Nihira Registered Member

Useful Searches