Zero Day Initiative | Blog Note

The June 2026 Security Update Review

Adobe released eleven bulletins addressing 123 CVEs in various products for June. The most critical update is for Adobe Campaign Classic with a CVSS score of 10.0, followed by ColdFusion with seven critical vulnerabilities. Adobe Acrobat Reader, a frequent ransomware target, also received patches for twenty critical vulnerabilities. Microsoft's June Patch Tuesday was the largest ever, with 208 CVEs across Windows, Office, and Azure. Three of these vulnerabilities are publicly known, and one is under active exploitation in the wild. A critical Windows Kernel Remote Code Execution vulnerability, CVE-2026-45657, is particularly concerning because it is wormable. Another high-severity bug, CVE-2026-47291, affects HTTP.sys and allows remote code execution unless specific registry settings are in place. Microsoft Defender also has an elevation of privilege vulnerability, CVE-2026-41091, which is being exploited. Patches for BitLocker address vulnerabilities that could allow a security feature bypass. The sheer volume of patches raises questions about AI's role in their discovery and creation. System administrators should prioritize deployment of these critical updates given the number of zero-day threats and active exploits.

Pwn2Own Berlin 2026: Day Three Results and Master of Pwn

Pwn2Own Berlin 2026 concluded its third and final day, showcasing impressive research and exploitation techniques. Over the three days, a total of $908,750 was awarded for 39 unique zero-day vulnerabilities. Today's targets included Red Hat Linux, Windows 11, OpenAI Codex, VMware ESXi, and Anthropic Claude Code. Sina Kheirkhah of Summoning Team successfully exploited Red Hat Linux, receiving $7,000 for a partially known bug. Viettel Cyber Security earned $7,500 by exploiting Windows 11 using an integer overflow for privilege escalation. Satoki Tsuji of Ikotas Labs, Inc. successfully exploited OpenAI Codex, earning $20,000. Giuseppe Calì of Summoning Team was unsuccessful in exploiting VMware ESXi. Compass Security successfully targeted Anthropic Claude Code, receiving $20,000 despite a vulnerability collision. Hyunwoo Kim chained vulnerabilities to escalate privileges on Red Hat Enterprise Linux, earning $5,000.

Pwn2Own Berlin 2026 - Day Two Results

Day Two of Pwn2Own Berlin 2026 is ongoing, showcasing security researchers' prowess in exploiting enterprise systems. Yesterday, a substantial $523,000 was awarded for 24 unique zero-day exploits. DEVCORE currently leads in the race for Master of Pwn, but competition remains fierce with several high-value targets. Researchers attempted to exploit Safari, SharePoint, and other platforms, with some attempts failing due to time constraints. Ben Koo successfully escalated privileges on Red Hat, earning $10,000 and a point. OtterSec demonstrated a code injection bug in LM Studio, securing $20,000 and four points. Summoning Team and STARLabs SG achieved successful exploits using known vulnerabilities, receiving rewards, while Le Duc Anh Vu successfully exploited Cursor. Orange Tsai of DEVCORE achieved Remote Code Execution on Microsoft Exchange, earning a significant $200,000 and 20 Master of Pwn points. Several teams withdrew their entries due to unforeseen circumstances.

Pwn2Own Berlin 2026 - Day One Results

Pwn2Own Berlin 2026 kicked off with security researchers targeting AI databases, coding agents, local inferences, and NVIDIA products. Several teams successfully exploited vulnerabilities, demonstrating impressive hacking skills. Orange Tsai of DEVCORE earned $175,000 for a Microsoft Edge sandbox escape. chompie of IBM X-Force exploited NV Container Toolkit, while k3vg3n took down LiteLLM. Satoki Tsuji used an allowed list bug on NVIDIA Megatron Bridge. Compass Security successfully exploited OpenAI Codex. Angelboy and TwinkleStar03 of DEVCORE also achieved privilege escalation on Windows 11. Ben Koo withdrew from the Mozilla Firefox category. Ikotas Labs successfully targeted LiteLLM using known bugs. Yoseop Kim exploited NVIDIA Megatron Bridge with a CWE-470 bug.

Pwn2Own Berlin 2026: The Full Schedule

Pwn2Own Berlin 2026, hosted at OffensiveCon, features security researchers targeting enterprise-focused technologies. The competition includes categories for AI Databases, Coding Agents, Local Inferences, and NVIDIA products. The schedule, detailing the order of attacks, is already set based on a random draw. Day one kicked off with attacks on NVIDIA, Coding Agents, and Web Browsers. Researchers are also targeting the Local Escalation of Privilege and AI Database categories. Day two saw continued attacks on software such as Windows, Firefox, and Safari. Several teams targeted the Coding Agent, Local Inference, and Server categories. Day three features further attacks in the Coding Agent category. The final day includes targets such as Windows, Red Hat Enterprise Linux, VMware ESXi, and Microsoft SharePoint. The competition provides opportunities for security researchers to showcase their skills. Real-time updates and results are available on social media.

The May 2026 Security Update Review

Adobe released ten bulletins patching 52 vulnerabilities across various products, with Adobe Commerce and Connect being high priorities. Microsoft's Patch Tuesday included 138 new CVEs, covering Windows, Office, and Edge. Notably, no currently exploited bugs were identified. Several critical vulnerabilities exist, including RCE bugs in the DNS Client and Netlogon. The Netlogon flaw allows unauthenticated remote code execution, making it a critical patch. Dynamics 365 on-premises also has a critical RCE vulnerability that calls for quick deployment of the fix. A TCP/IP stack vulnerability, though less likely to be exploited, also requires patching. The sheer volume of Microsoft's fixes is significant, echoing industry trends. The article also provides a full list of Microsoft CVEs with details on severity and type. This Patch Tuesday release comes just before Pwn2Own Berlin.

The Apple macOS Security Update Review

The blog provides an analysis of macOS security updates released in May 2026. Apple released 82 unique CVEs across three macOS versions: Tahoe, Sequoia, and Sonoma. The blog highlights three potentially severe vulnerabilities without assigned severity scores from Apple. CVE-2026-28819, related to Wi-Fi, allows arbitrary code execution with kernel privileges across all versions. CVE-2026-43668, concerning mDNSResponder, enables remote attackers to corrupt kernel memory. Another critical vulnerability is CVE-2026-28972, enabling apps to write to kernel memory. The document includes a detailed table listing all released CVEs, components affected, and their impact. The blog concludes by stating the intention to continue the macOS update analysis if readers find it helpful.

CVE-2026-33824: Remote Code Execution in Windows IKEv2

TrendAI Research identified a double free vulnerability, CVE-2026-33824, in the Windows Internet Key Exchange (IKE) service, originally discovered by the WARP & MORSE team at Microsoft. This flaw, present in IKEv2's fragment processing, could lead to a crash of the IKEEXT service or arbitrary code execution. The vulnerability stems from improper ownership handling of a heap-allocated blob pointer during IKEv2 fragment reassembly within `ikeext.dll`. During the `IKE_SA_INIT` exchange, a Security Realm Vendor ID payload causes `IkeHandleSecurityRealmVendorId()` to allocate a blob, stored in the MMSA structure. When a fragmented `IKE_AUTH` message is reassembled, `IkeReinjectReassembledPacket` shallow-copies this blob pointer into a local stack struct. This struct is then shallow-copied into a heap-allocated work item by `IkeQueueRecvRequest`. The first free occurs when `IkeDestroyPacketContext` processes the work item and releases this shallow-copied blob pointer. The MMSA structure still holds the original pointer to the same allocation. The second free happens when the MMSA is cleaned up via `IkeCleanupMMNegotiation`, which eventually triggers `IkeFreeMMSA`, attempting to free the already released allocation. An unauthenticated, remote attacker can exploit this by sending a crafted `IKE_SA_INIT` message followed by two or more Encrypted Fragment payloads with an invalid `IKE_AUTH` message. Detection requires monitoring UDP ports 500 and 4500 for a specific `IKE_SA_INIT` sequence (including the Microsoft Security Realm Vendor ID) followed by a fragmented `IKE_AUTH` request containing a particular byte sequence. Microsoft patched this vulnerability in April 2026, recommending blocking inbound traffic on UDP ports 500 and 4500, or restricting traffic to known peer addresses, as temporary mitigations. Applying the vendor's update is the only full remediation.

The April 2026 Security Update Review

April 2026's Patch Tuesday is significant due to a high volume of fixes and active exploits. Adobe released 12 bulletins addressing 61 CVEs in various products, with one Acrobat Reader bug being actively exploited. A separate Adobe ColdFusion bug also has a deployment priority of one. Microsoft released a massive 163 new CVEs across numerous products and components, totaling 247 with third-party fixes. One Microsoft SharePoint Server Spoofing Vulnerability is actively exploited, and a Defender Elevation of Privilege Vulnerability is publicly known. Two critical Windows vulnerabilities, one in TCP/IP and another in IKE, are potentially wormable. The size of Microsoft's release might be due to increased AI-driven vulnerability submissions. Prioritize patching the actively exploited vulnerabilities in Adobe Reader and Microsoft SharePoint. Enterprises using IPv6 or IKE should expedite patching of their respective vulnerabilities. Testing and deploying the Microsoft Defender fix is crucial for those relying on it.

Node.js Trust Falls: Dangerous Module Resolution on Windows

The blog details a local privilege escalation vulnerability affecting Node.js applications on Windows, arising from its module resolution behavior. Node.js searches for modules in `C:\node_modules` by default, and any local user can create this directory. Malicious modules placed there are loaded and executed in the security context of whichever user runs an affected application. The issue stems from Node.js's stance of "trusting the file system", which treats this as intentional behavior. This negligence transforms optional dependencies into a dangerous attack vector. npm CLI and Discord are demonstrated as vulnerable through missing optional dependencies. The npm CLI vulnerability, CVE-2026-0775, leverages a missing "bluebird" package. Discord, through CVE-2026-0776, is vulnerable due to a missing "utf-8-validate" dependency, and remains unpatched. These vulnerabilities are triggered when the applications are launched, without user interaction. Node.js, npm, and Discord do not consider this a valid security issue. The blog encourages researchers to investigate more applications for similar vulnerabilities.

Announcing Pwn2Own Berlin for 2026

Pwn2Own is returning to Berlin for its second competition, co-sponsored by AWS, with over $1 million in prizes. The event features expanded AI categories including AI Databases, Coding Agents, Local Inferences, and NVIDIA products. Existing categories like web browsers, containers, servers, virtualization, and operating systems are also included. Registration closes on May 7th for the contest that begins on May 14th, with 31 targets across 10 categories. The Master of Pwn will be crowned based on accumulated points from unique, successful entries, receiving significant rewards. Virtualization targets include VMware ESXi, Microsoft Hyper-V, and KVM, with potential bonuses for advanced exploits. Web browser exploits, including renderer-only, have increased award values this year. Enterprise applications like Adobe Reader and Microsoft Office components are targets, with a new bonus for Copilot data exfiltration. Server targets include Microsoft Exchange and RDP/RDS due to their high-risk nature. Local Escalation of Privilege requires kernel vulnerabilities on Linux, macOS, and Windows. Container exploits must achieve host OS execution from within a container, featuring Firecracker. New AI categories focus on exploiting AI databases, coding agents, and local inference models. The NVIDIA category targets specific NVIDIA products and their associated software. Participants are strongly encouraged to read the complete rules and contact for registration and specific questions.

The March 2026 Security Update Review

The author is reviewing security patches released for March 2026 from Adobe and Microsoft. Adobe released eight bulletins addressing 80 CVEs across various applications, with Acrobat Reader being a priority for patching. Microsoft's release includes 84 new CVEs, with five reported through the TrendAI ZDI program. Several Microsoft vulnerabilities are detailed, including an Excel information disclosure bug related to the Copilot Agent. Office Remote Code Execution vulnerabilities, as in previous months, continue to be present and need addressing. A Windows Print Spooler RCE vulnerability that works similarly to "Print Nightmare" is also present, requiring quick patching. A Windows Graphics Component Elevation of Privilege vulnerability, identified as a variant, also needs to be addressed. The post concludes with a comprehensive list of the CVEs released by Microsoft for March 2026, including their severity and related details. The author emphasizes the importance of testing and deploying these security updates promptly.

CVE-2026-20841: Arbitrary Code Execution in the Windows Notepad

This report details a command injection vulnerability in Microsoft Windows Notepad (CVE-2026-20841). The vulnerability stems from improper validation of links within rendered Markdown files. Exploitation involves enticing a user to open a crafted malicious Markdown file containing a harmful link. When the user clicks the link, arbitrary commands can execute within the security context of the victim's account. The Notepad application tokenizes input and renders Markdown files if the file extension is ".md". The vulnerability exists in the function handling link clicks, `sub_140170F60()`, which calls `ShellExecuteExW()`. Insufficient filtering allows attackers to use "file://" and "ms-appinstaller://" protocol URIs. The vulnerability was patched by Microsoft in February 2026. The report includes detection guidance for identifying potential exploitation attempts. The guidance suggests monitoring traffic for malicious links within ".md" files using specific regular expressions. The provided patch restricts links to local files and HTTP(S) URIs, potentially leading to false positives. The report concludes that user interaction is required for exploitation and recommends patching to remediate the vulnerability. The research was done by Nikolai Skliarenko and Yazhi Wang from TrendAI.

The February 2026 Security Update Review

The post discusses the February 2026 Patch Tuesday updates from Adobe and Microsoft. Adobe released patches for various applications, with After Effects receiving the most significant update, fixing several critical bugs. None of Adobe's fixes were actively exploited or publicly known at the time of release. Microsoft's update addresses 62 CVEs across multiple products, and six are actively exploited, a higher-than-usual number. Several critical vulnerabilities are highlighted, including Windows Shell and Internet Explorer security bypasses, which could lead to code execution. The DWM elevation of privilege vulnerability makes a second consecutive appearance as an actively exploited vulnerability. A Windows Remote Desktop Services privilege escalation bug is also actively exploited. The post urges quick testing and deployment of these specific Microsoft patches. Microsoft also addressed vulnerabilities in Azure, .NET, Office, and other components. The high number of actively exploited bugs raises concerns about a resurgence of widespread exploitation.

CVE-2025-6978: Arbitrary Code Execution in the Arista NG Firewall

A command injection vulnerability in Arista NG Firewall, reported by TrendAI Research, allows arbitrary command execution. This vulnerability, tracked as CVE-2025-6798, stems from inadequate validation within the diagnostics component. Attackers can exploit this via crafted requests to the JSON-RPC interface, specifically the runTroubleshooting method. User-supplied data within parameters like "HOST" or "URL" isn't fully sanitized, allowing for the injection of malicious commands. The backtick character is an example of an unsafe character that can be used to inject commands. Successful exploitation grants attackers root privileges on the compromised system. Detection involves monitoring HTTP/HTTPS traffic for malicious JSON-RPC requests. The provided detection guidance details specific checks within request bodies using regular expressions. The vulnerability lies in the runTroubleshooting command's handling of user input within the NetworkManagerImpl class. Arista has addressed the issue in version 17.4 or higher. The report emphasizes the importance of applying the vendor's security patch. This thorough analysis was conducted by Jonathan Lein and Simon Humbert from the TrendAI Research team.

Pwn2Own Automotive 2026 - Day Three Results and the Master of Pwn

Pwn2Own Automotive 2026 concluded with security researchers demonstrating 76 unique 0-day vulnerabilities, awarding over $1 million USD. The Fuzzware.io team, comprising Tobias Scharnowski, Felix Buchmann, and Kristian Covic, secured the Master of Pwn title. They earned 28 points and $215,500 USD for their exploits. Several teams targeted various automotive systems, including Alpine, Kenwood, and Sony infotainment units. Some exploits involved buffer overflows, while others utilized race conditions and incorrect permission assignments. Collisions, where vulnerabilities were already known or demonstrated by another team, occurred frequently, impacting some prize amounts. The Juurin Oy team notably demonstrated a TOCTOU bug on an Alpitronic charger, even installing the game Doom. Other successful exploits gained root access on infotainment systems and charging stations. The competition highlighted the ongoing security challenges within modern automotive technology.

Pwn2Own Automotive 2026 - Day Two Results

The Pwn2Own Automotive 2026 competition is underway, with security researchers competing to find vulnerabilities in the latest automotive systems. The competition has already awarded over $516,500 for 37 unique 0-day vulnerabilities. Researchers are targeting various automotive systems, including the Alpine iLX-F511, Grizzl-E Smart 40A, and Kenwood DNR1007XR. Team MAMMOTH successfully exploited a command injection vulnerability against the Alpine iLX-F511, earning $10,000 and 2 Master of Pwn points. Julien COHEN-SCALI of FuzzingLabs also had a successful exploit, chaining two vulnerabilities to earn $20,000 and 4 Master of Pwn points. Neodyme AG exploited a buffer overflow vulnerability in the Sony XAV-9500ES, earning $10,000 and 2 Master of Pwn points. Hank Chen of InnoEdge Labs exploited an exposed dangerous method against the Alpitronic HYC50, earning $40,000 and 4 Master of Pwn points. Several other researchers also had successful exploits, including Nguyen Thanh Dat, BoredPentester, and Sina Kheirkhah. The competition is ongoing, with researchers continuing to probe and challenge the latest automotive systems, and the stakes are rising as the race for Master of Pwn heats up.

Pwn2Own Automotive 2026 - Day One Results

Day One of Pwn2Own Automotive 2026 commenced with thirty entries targeting the latest automotive systems, featuring exploits and security breakthroughs from top researchers. The competition saw significant success across various categories, particularly in exploiting in-vehicle infotainment (IVI) systems and electric vehicle chargers. Several teams, including Neodyme AG and Synacktiv, successfully gained root-level access on IVI units like the Alpine iLX-F511 and Sony XAV-9500ES through vulnerabilities such as buffer overflows and chained exploits. EV chargers proved lucrative targets, with Fuzzware.io, PetoWorks, and others manipulating charging signals or achieving code execution on devices like the Autel charger and Phoenix Contact CHARX SEC-3150, often chaining multiple bugs. Notably, the Grizzl-E Smart 40A charger was successfully exploited multiple times, including a win by SKShieldus using hardcoded credentials and an authentication bypass leading to remote code execution by Compass Security. Some attempts resulted in failure, such as the initial exploit against the Kenwood DNR1007XR and attempts by Fuzzware.io against the EMPORIA Pro Charger. However, subsequent attempts quickly exploited the Kenwood unit through command injection and out-of-bounds writes by other researchers. The competition also included successful collisions where multiple teams exploited the same or similar vulnerabilities, resulting in split rewards and Master of Pwn points. Synacktiv achieved a full win in the Tesla Infotainment category by chaining an information leak and an out-of-bounds write via a USB-based attack. Overall, the day was marked by numerous successful exploits, demonstrating critical vulnerabilities in modern automotive and charging infrastructure components.

Pwn2Own Automotive 2026 - The Full Schedule

The third annual Pwn2Own Automotive competition has begun at Automotive World in Tokyo, featuring a record 73 entries from talented security researchers. The competition aims to test the latest automotive components in a real-world environment, with participants attempting to exploit vulnerabilities in various categories. The categories include In-Vehicle Infotainment, Level 2 Electric Vehicle Chargers, and Level 3 Electric Vehicle Chargers, among others. The schedule for the competition has been released, with each team having a limited time to demonstrate their exploits. The teams are competing for cash prizes and Master of Pwn points, with the total prize pool being substantial. The competition is expected to be intense, with many teams targeting the same devices and categories. The event will feature demonstrations and discoveries, and updates will be posted as the competition progresses. The Pwn2Own Automotive competition is a major milestone, with this year's event being the largest and most competitive yet. The competition will run for several days, with the schedule subject to change as the event unfolds. The outcome of the competition is highly anticipated, with the winning teams being awarded significant cash prizes and recognition in the security research community.

The January 2026 Security Update Review

This article reviews the January 2026 security patches from Adobe and Microsoft. Adobe released 11 bulletins addressing 25 CVEs across various Creative Cloud and ColdFusion products. These patches fix code execution and memory leak vulnerabilities, with no publicly known or actively exploited bugs reported by Adobe. Microsoft, on the other hand, issued a large release with 112 new CVEs affecting numerous Windows components, Office, Azure, and Edge. Eight of Microsoft's patches are rated Critical, with the majority being Important. One vulnerability, CVE-2026-20805, an information disclosure bug in the Desktop Window Manager, is listed as actively exploited. Another notable patch addresses a Secure Boot certificate expiration that could impact future updates. Microsoft Office bugs related to the Preview Pane are also highlighted, with a recommendation to disable it as a precaution. Additionally, a critical vulnerability in Windows Virtualization-Based Security allows for elevation to the highest privilege level. The article suggests that large January releases are common due to vendors holding back updates over the holiday season.

The Alpitronic HYC50 Hardware Teardown for Pwn2Own Automotive 2026

Trend Micro's ZDI provides a preliminary hardware reconnaissance report for the Alpitronic HYC50 charger, a target for Pwn2Own Automotive 2026. Researchers will receive a modified enclosure isolating digital and communication components for safer analysis. The main control board manages charging, communication, and user authentication, using an i.MX6 processor and eMMC storage. The report details the board's PLC controllers for vehicle communication and Ethernet interfaces. A custom System on a Module (SOM) based on Variscite's design houses the main processing components. The COMM board handles communication via LTE, Wi-Fi/Bluetooth, and NFC interfaces. The HYC50 has mature documentation available online, which can prove useful. ZDI urges participants to check the development units before use. The report emphasizes the HYC50's hardware potential for the competition. Happy hunting to those participating in Pwn2Own, looking to exploit the charging station.

Breaking Down the Attack Surface of the Kenwood DNR1007XR – Part Two

This blog post analyzes the attack surfaces of the Kenwood DNR1007XR in-vehicle infotainment system. The main potential attack vectors include USB, supporting various audio and video file formats, and SD card for media playback and map updates, both using FAT and NTFS file systems. Bluetooth, utilizing version 5 with multiple profiles, offers another avenue, especially exploring undocumented services. A built-in Wi-Fi access point, secured with a discovered password, exposes open ports, including an SSH server and non-standard services, creating vulnerabilities. Android Auto and Apple CarPlay, both wired and wireless, present further targets, particularly via the secure Wi-Fi network. Kenwood's Portal and Remote S apps, facilitating image transfer and multimedia control via Bluetooth, expand the attack surface. The blog emphasizes the importance of thorough investigation and reverse engineering. The post intends to inspire security research, encouraging explorations beyond the discussed surfaces. The author highlights the complexity of file parsing and the role of user-supplied data, such as images, in expanding the attack surface. Open source licenses present another potential area of investigation despite the disclaimer of actual usage. The author encourages participation in the upcoming Automotive Pwn2Own event.

Breaking Down the Attack Surface of the Kenwood DNR1007XR – Part One

The Kenwood DNR1007XR head unit is a target for the Pwn2Own Automotive contest, offering features like Android Auto and Apple CarPlay. This blog post details its external features, including an SD card slot behind the screen and a USB port for various functionalities. Internally, the unit features multiple interconnected boards, with the main board housing key components. The primary processor is the Dolphin+ TCC8034 System on a Chip, capable of running Android, Linux, and QNX. It runs on Linux and is similar to a SoC used in last year's Kenwood target. A Kioxia eMMC chip stores the device firmware, and a Winbond flash chip holds additional data. A Murata radio module handles Wi-Fi and Bluetooth operations, with its specific model number being LBEE6ZZ1WD-334. This module lacks publicly available datasheets, making its details obscure. A significant discovery is a debug connector on the main board's right edge. This connector provides access to a Linux login prompt via UART at 115200bps. Successful authentication grants a shell, presenting a potential attack vector. The post aims to provide sufficient information for vulnerability research, with more analysis to follow. The authors encourage keeping an eye on automotive vendor security improvements for future contests. They share their social media handles for those interested in exploit techniques and security patches.

The December 2025 Security Update Review

Adobe released updates for December 2025, addressing 139 CVEs across various products, including Reader and ColdFusion. While the number of CVEs is high, many are XSS bugs, though some critical code execution vulnerabilities exist. ColdFusion receives a patch with a deployment priority of 1 due to several code execution bugs. Microsoft's December 2025 Patch Tuesday includes 56 new CVEs across Windows, Office, and other components, with a total of 70 when including Chromium updates. This brings Microsoft's yearly total to 1,139 CVEs, making 2025 the second-highest volume year. One actively exploited vulnerability, CVE-2025-62221, is a Windows Cloud Files Mini Filter Driver elevation of privilege bug. Microsoft also addressed critical Office remote code execution vulnerabilities, including those affecting the Preview Pane. A publicly known command injection bug in GitHub Copilot, CVE-2025-64671, is also addressed. The updates include several elevation of privilege and remote code execution vulnerabilities across various Windows components.

The November 2025 Security Update Review

The text discusses the November 2025 security updates from Adobe and Microsoft. Adobe patched 29 CVEs across various products, with fixes for InDesign and Illustrator being prioritized. Microsoft released updates for 63 CVEs, including those for Windows, Office, and other components. One Microsoft vulnerability, CVE-2025-62215 (Windows Kernel EoP), is under active exploitation and should be a top priority. The report highlights an Office remote code execution bug, CVE-2025-62199, that warrants disabling the Preview Pane. Another notable vulnerability is CVE-2025-60709 (CLFS driver EoP), as CLFS has a history of exploitation. The Agentic AI and Visual Studio Code remote code execution bug, CVE-2025-62222, is also significant. Microsoft's release total is lower than in previous months, bringing the total to 1084 CVEs addressed this year. The document includes a detailed CVE list with severity and impact information. The author acknowledges that Windows 10 is no longer receiving updates as of this month. Overall, these updates aim to address various security flaws and protect users.

Pwn2Own Ireland 2025: Day Three and Master of Pwn

Pwn2Own Ireland 2025 is in its final day, having already awarded $792,750 for 56 zero-day bugs. CyCraft Technology withdrew their attempt on the Amazon Smart Plug. Fuzzinglabs failed to exploit the QNAP TS-453E within the time limit. Xilokar successfully exploited the Philips Hue Bridge with four bugs, though one collided with a prior submission, earning them $17,500. Chris Anastasio successfully exploited the Lexmark CX532adwe printer using a type confusion bug, earning $20,000. Interrupt Labs successfully compromised the Samsung Galaxy S25 using an input validation bug, gaining camera and location access and $50,000. Yannik Marchand also exploited the Philips Hue Bridge, using three bugs, with two colliding, earning $13,333. The competition continues with 17 attempts remaining. The blog will be updated with live results. Several researchers successfully demonstrated the exploitation of various devices. These findings highlight vulnerabilities in common technology.

Pwn2Own Ireland 2025 - Day Two Results

Day Two of Pwn2Own Ireland 2025 continued with participants competing for points and prize money. Day One had awarded $522,500 for discovered vulnerabilities. The Summoning Team held a slight lead, but the leaderboard could change with more attempts. PHP Hooligans successfully exploited a Canon printer with an OOB Write, earning $10,000. Viettel Cyber Security used a command injection and other bugs to exploit Home Automation Green, earning $12,500. Qrious Secure exploited the Philips Hue Bridge with multiple bugs, earning $16,000. CyCraft Technology's Chumy Tsai exploited the QNAP TS-453E with a code injection bug, earning $20,000. Sina Kheirkhah's exploit of the Synology BeeStation Plus was deemed out of scope. Team Neodyme exploited Home Assistant Green with two bugs, earning $15,000. These successful exploits reflect the ongoing effort to find and fix software vulnerabilities, and many teams gained significant points towards the Master of Pwn title.

Pwn2Own Ireland 2025: Day One Results

Pwn2Own Ireland 2025's first day featured seventeen attempts and notable research. Team Neodyme successfully exploited an HP DeskJet 2855e using a stack-based buffer overflow. STARLabs successfully targeted a Canon imageCLASS MF654Cdw with a heap-based buffer overflow. Synacktiv achieved root-level code execution on a Synology BeeStation Plus through a stack overflow. Team DDOS completed a complex SOHO Smashup compromising QNAP devices using eight different bugs, then withdrew their attempt on the Philips Hue Bridge. GMO Cybersecurity by Ierae, Inc. successfully exploited another Canon imageCLASS MF654Cdw using a stack-based buffer overflow. These successful exploits earned teams substantial prize money and Master of Pwn points, and the event showcased a range of vulnerabilities and exploit techniques. Updates are available through their social media channels. Pwn2Own Ireland 2025 is a demonstration of the current cybersecurity landscape.

Pwn2Own Ireland 2025: The Full Schedule

Pwn2Own Ireland 2025 has been announced, promising up to $2,000,000 in prizes, including a $1,000,000 award for a WhatsApp 0-click exploit. The contest schedule is provided, detailing participating teams and their targets across multiple product categories. Numerous teams and individuals are set to attempt exploits on devices like printers, smart home hubs, and network storage systems. Prizes vary, with amounts based on the category and the severity of the identified security vulnerabilities. Specific targets include products from Canon, HP, Synology, Philips Hue, Home Assistant, and Samsung. Live streams for some attempts are available for viewing. The competition spans multiple days, with a wide array of teams and individuals competing, and the final day includes an attempt for the major WhatsApp prize. Many different research groups are represented, including teams from DEVCORE, STARLabs, and Summoning Team. The contest focuses on discovering and demonstrating software vulnerabilities for financial rewards and recognition.

Pwn2Own Automotive Returns to Tokyo with Expanded Chargers and More!

Pwn2Own Automotive returns to Tokyo from January 21-23, 2026, awarding over $2 million for automotive exploits. The event features partnerships with VicOne, Tesla, Alpitronic, and the Open Charge Alliance. New targets include Level 3 EV chargers and the Open Charge Alliance’s OCTT. Existing categories include Tesla, In-Vehicle Infotainment, and Level 2 EV chargers. The Tesla category will use a benchtop unit, with some targets offering a vehicle prize. The Level 2 EV charger category offers bonus challenges for additional rewards and Master of Pwn points. Automotive Operating Systems are also a target, with bonuses for specific subsystem exploits. Master of Pwn is awarded based on points accumulated across successful attempts, regardless of cash prize. Contestants must register by January 15, 2026, and the event order will be determined by a random drawing. Results will be posted live via blog and social media platforms. The organizers anticipate innovative exploits and attack techniques.

The October 2025 Security Update Review

Adobe's October patch release addresses 36 CVEs across various products, with Substance 3D Stager, Dimension, and Illustrator updates being particularly important. Microsoft's October Patch Tuesday is massive, featuring 177 new CVEs, making it Microsoft's largest monthly release to date. Sixteen vulnerabilities are rated Critical and the rest Important, with some actively exploited. Three bugs are confirmed under active attack, including Windows Agere Modem Driver and Remote Access Connection Manager elevation of privilege bugs. Another notable vulnerability is a Secure Boot bypass in IGEL OS, warranting attention. The Windows Server Update Service (WSUS) remote code execution vulnerability also poses a significant risk. Microsoft's extensive release could be related to the end of Windows 10 support. The sheer volume underscores the need for prompt testing and deployment of security updates to mitigate risks. The provided list details the specific CVEs, their titles, severity ratings, and current status.

Crafting a Full Exploit RCE from a Crash in Autodesk Revit RFA File Parsing

The author investigated a crash in Autodesk Revit 2025, initially found through fuzzing RFA files, which turned out to be a type confusion vulnerability. The confusion arises when a `std::pair` type is deserialized: the program attempts to call a destructor through a value that carries no vtable. The author exploited the vulnerability to achieve remote code execution. The research involved reverse engineering and debugging with tools such as IDA Pro, WinDBG, and Time Travel Debugging. A cloud-based supply chain vulnerability in the Axis Communications Plugin for Autodesk Revit, which could distribute corrupted RFA files, greatly aided the exploit. The author created a tool, "CompoundFileTool," and another tool that mimicked Revit's gzip behavior, both essential for modifying RFA files effectively. The goal was to make offset 0x0 of the deserialized object point to a controlled vtable. The author ultimately achieved arbitrary code execution by exploiting the type confusion. The research also included reversing Autodesk's RFA format, including the layout of the compressed data in the Global/Latest stream.

CVE-2025-23298: Getting Remote Code Execution in NVIDIA Merlin

The Trend Micro Zero Day Initiative discovered a critical vulnerability in NVIDIA's Transformers4Rec library, allowing remote code execution with root privileges. This vulnerability, CVE-2025-23298, stems from unsafe deserialization when loading model checkpoints using Python's pickle module. Transformers4Rec, part of the Merlin ecosystem, is widely used for recommendation tasks and integrates with Hugging Face Transformers. The flaw lies in the `load_model_trainer_states_from_checkpoint` function, which directly uses `torch.load()` without safety parameters, exposing it to malicious pickle files. Pickle's `__reduce__` method allows arbitrary code execution during deserialization. The attack surface is significant due to common model sharing and the trust placed in checkpoint files, especially as these processes often run with elevated privileges. A malicious checkpoint could execute system commands before model weights are loaded. The real-world impact includes remote code execution, privilege escalation, data exfiltration, and supply chain attacks. NVIDIA has patched the vulnerability by implementing a custom loading mechanism that restricts deserialization to approved classes. This incident underscores the pervasive security challenges in the ML/AI ecosystem due to reliance on pickle. Developers are urged to avoid pickle for untrusted data, use `weights_only=True`, restrict trusted classes, and consider secure serialization formats like Safetensors. Organizations should audit model provenance, implement signing, and sandbox model loading. The ML community needs to move away from pickle and prioritize security in framework design.
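As an added illustration (not code from the ZDI post or from NVIDIA's patch), the allow-list unpickler pattern that the fix is described as using, shown next to the unrestricted load it replaces; the class names and the benign `__reduce__` payload are constructed for this demo.

```python
"""Added example (not code from the ZDI post or from NVIDIA Merlin): why
unrestricted pickle loading is dangerous, and the allow-list style of
unpickler that mirrors the fix described above. The checkpoint objects,
class names and the benign payload are all constructed for this demo."""
import io
import os
import pickle


class ModelState:
    """Stand-in for a legitimate checkpoint object (constructed)."""

    def __init__(self, weights):
        self.weights = weights


class CodeOnLoad:
    """Pickle's __reduce__ hook lets an object name any importable callable
    to be invoked during deserialization. The callable here is the benign
    os.getcwd; a checkpoint from an untrusted source can name anything."""

    def __reduce__(self):
        return (os.getcwd, ())


# Allow-list of (module, name) pairs the loader may reconstruct. Anything
# else, including os.getcwd, is refused before it is ever called.
ALLOWED_CLASSES = {(__name__, "ModelState")}


class RestrictedUnpickler(pickle.Unpickler):
    """Unpickler that only resolves globals named in ALLOWED_CLASSES."""

    def find_class(self, module, name):
        if (module, name) in ALLOWED_CLASSES:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(
            f"refusing to load global {module}.{name}: not on allow-list"
        )


def load_checkpoint_unsafe(data):
    """The risky pattern: plain pickle.loads, equivalent to torch.load()
    without weights_only=True. Any __reduce__ payload in data runs here."""
    return pickle.loads(data)


def load_checkpoint_restricted(data):
    """Safer pattern: every global lookup goes through the allow-list."""
    return RestrictedUnpickler(io.BytesIO(data)).load()


def demo():
    """Returns (unsafe_result, restricted_error, legit_weights)."""
    hostile = pickle.dumps(CodeOnLoad())
    # Unrestricted loading runs os.getcwd() and returns its result; the
    # CodeOnLoad object itself never even appears in the output.
    unsafe_result = load_checkpoint_unsafe(hostile)
    try:
        load_checkpoint_restricted(hostile)
        restricted_error = None
    except pickle.UnpicklingError as exc:
        restricted_error = str(exc)
    # A legitimate checkpoint still loads through the restricted path.
    legit = pickle.dumps(ModelState([0.1, 0.2, 0.3]))
    legit_weights = load_checkpoint_restricted(legit).weights
    return unsafe_result, restricted_error, legit_weights


if __name__ == "__main__":
    print(demo())
```

The same allow-list idea is what `torch.load(..., weights_only=True)` applies internally; Safetensors sidesteps the problem entirely because its format has no code-execution hook.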

The September 2025 Security Update Review

Adobe has released nine security bulletins for September, addressing 22 unique CVEs across various products like Acrobat Reader, After Effects, and Premiere Pro. Only the ColdFusion update is rated Priority 1, though no exploitation is detected. The Commerce update fixes a single Critical bug, also without noted exploitation. Acrobat receives a patch for one Critical and one Moderate bug. After Effects includes fixes for three Important bugs. Premiere Pro gets a patch for a potential code execution vulnerability. Substance 3D Viewer and Modeler each have three code execution bugs addressed. Experience Manager has the most fixes with seven, one of which is Critical. Dreamweaver's patch corrects a Cross-Site Request Forgery bug. None of Adobe's September vulnerabilities were publicly known or actively exploited at release. Microsoft released 80 new CVEs for September, covering Windows, Office, Azure, and more, with eight rated Critical and the rest Important. This volume places Microsoft significantly ahead of last year's patch releases. One publicly known bug exists, but none are under active attack. A critical vulnerability in Microsoft HPC Pack allows remote code execution without user interaction. Microsoft Office continues to have code execution vulnerabilities through its Preview Pane. A Windows NTLM Elevation of Privilege vulnerability allows escalation to SYSTEM with low exploit complexity.

The August 2025 Security Update Review

Adobe and Microsoft have released their monthly security patches, with Adobe addressing 68 CVEs across various products like Commerce, Illustrator, and Photoshop. Microsoft released a substantial 107 new CVEs impacting Windows, Office, Edge, and other services, the highest volume since 2020. Priority for Adobe updates includes Commerce and InCopy due to critical vulnerabilities. Microsoft's patches include several high-severity vulnerabilities like GDI+ and Windows Graphics Component RCEs, exploitable via web browsing. Microsoft Office is again affected by preview pane vulnerabilities, and SharePoint has a critical RCE similar to those used in recent attacks. Among Microsoft's fixes, 12 are rated Critical, with the majority rated Important. One publicly known vulnerability exists in Microsoft's releases, but none are reported as actively exploited. Adobe's patches do not list any publicly known or actively exploited vulnerabilities. Users are advised to prioritize patching the identified critical issues from both vendors. The full details and webcast recap are available for further review.

Pwn2Own Returns to Ireland with a One Million Dollar WhatsApp Target

Pwn2Own is returning to Cork, Ireland from October 21-24, 2025, with Meta joining as a co-sponsor. A significant $1,000,000 bounty is offered for a 0-click WhatsApp bug leading to code execution. The event will feature eight target categories, including Mobile Phones, Messaging, SOHO Smashup, Smart Home Devices, Printers, NAS Devices, Surveillance System Devices, and Wearables. Mobile phone targets will now include USB attack vectors, while the SOHO Smashup category has been made more challenging. Smart Home Devices and Surveillance System Devices are consolidated from previous categories. Printers will feature Brother as a new target alongside existing ones. NAS devices from Synology and QNAP are included, with specific Synology packages in scope. Wearable targets include Meta Ray-Ban Smart Glasses and Meta Quest 3/3S with different prize levels for interaction requirements. The Master of Pwn title will be awarded to the overall winner based on accumulated points. Registration closes on October 16th, 2025, at 5:00 p.m. Irish Standard Time, with no exceptions for late entries.

CVE-2025-20281: Cisco ISE API Unauthenticated Remote Code Execution Vulnerability

A vulnerability in Cisco Identity Services Engine (ISE), specifically in the enableStrongSwanTunnel method, allowed command injection as root. This was initially reported as a deserialization vulnerability but also included a command injection flaw. The researcher, Kentaro Kawane, discovered that attacker-supplied data was used to execute shell scripts with sudo privileges. Exploitation proved more complex than initially anticipated due to how Java's exec() method tokenizes commands. Java's StringTokenizer ignores quotes, preventing direct command execution; however, the researcher circumvented this by using the bash Internal Field Separator (${IFS}) variable. This allowed injection of commands as a single argument, avoiding tokenization issues. The injected commands initially ran within a Docker container, but because the container ran in privileged mode, the researcher used a "User-Mode Helpers" technique to escape the container and gain root access on the host system. A base64 encoding was used to bypass the space character limitation in the payload. The complete exploit involved sending a specially crafted POST request to the vulnerable endpoint. This successful exploitation demonstrates a combination of vulnerabilities leading to complete system compromise. The researcher emphasizes the importance of understanding both Java's exec() behavior and the capabilities of privileged Docker containers. Further research into this area is planned.

CVE-2025-4919: Corruption via Math Space in Mozilla Firefox

Manfred Paul exploited a vulnerability (CVE-2025-4919, ZDI-25-291) in Firefox's IonMonkey JavaScript JIT compiler at Pwn2Own Berlin 2025. The vulnerability resided within the `ExtractLinearSum` function, used for simplifying linear expressions. This function incorrectly handled the `Modulo` math space, causing issues with bounds checks. The `TryEliminateBoundsCheck` function, utilizing `ExtractLinearSum`, merged bounds checks without accounting for potential integer overflows. This flaw allowed bypassing bounds checks in large typed arrays. Exploiting this involved creating a large typed array and manipulating indices to trigger an out-of-bounds read or write. The exploit used bitwise operations to force wrapping additions, misleading the bounds check elimination. A BigInt was used to prevent compiler optimizations that might otherwise hinder the exploit. The vulnerability's root cause lies in inconsistent math space handling within the `ExtractLinearSum` function's various call sites. Similar vulnerabilities might exist in other parts of the Ion compiler that use `ExtractLinearSum` for loop analysis. Mozilla patched the vulnerability in Firefox 138.0.4. The exploit demonstrated the danger of unchecked integer operations in JIT compilers.

The July 2025 Security Update Review

Adobe has not yet released its scheduled patches for July, but Microsoft has released 130 new CVEs in various products, including Windows, Office, and Azure. Eight of these bugs were reported through the Trend ZDI program, bringing the total to 140 CVEs. Ten of the patches are rated Critical, and the rest are rated Important in severity. One bug is publicly known, but none are currently under active attack. A notable bug is CVE-2025-47981, a heap-based buffer overflow in the Windows SPNEGO Extended Negotiation component that allows remote, unauthenticated attackers to execute code. Another critical bug is CVE-2025-49717, a heap-based buffer overflow in Microsoft SQL Server that could lead to code execution. A third critical bug is CVE-2025-49704, a remote code execution vulnerability in Microsoft SharePoint that was used in a Pwn2Own Berlin demonstration. There are also four Critical-rated Office bugs, all of which have the Preview Pane listed as an attack vector. Microsoft has not yet released updates for Microsoft Office LTSC for Mac 2021 and 2024. The full list of CVEs released by Microsoft for July 2025 is provided.

Extracting Embedded MultiMediaCard (eMMC) contents in-system

The text discusses accessing eMMC storage without removing it from a device, a process preferable to the challenging BGA reballing. The author aims to provide a structured guide for reading and writing data on eMMC chips. Prerequisites include a device to analyze, an interface device, and microsoldering equipment. Key eMMC signals like CLK, CMD, DAT0, and power lines are explained. The text outlines the process of locating eMMC signals on a board, typically using a logic analyzer. Powering the eMMC chip is addressed, with advice on using either the device's power supply or an external one, considering potential risks. The text highlights the need to determine VDD and VDDQ voltages and address voltage level translation if necessary, especially for devices using lower voltages. The document provides a starting point for accessing the data stored on eMMC without desoldering the chip.

The June 2025 Security Update Review

Adobe released seven bulletins addressing 254 CVEs in various products, including Acrobat Reader, Experience Manager, and Substance 3D Sampler. None of the bugs fixed by Adobe are listed as publicly known or under active attack. Microsoft released 66 new CVEs, with 10 rated Critical and the rest Important in severity; one bug is listed as being under active attack, and one other is publicly known. A Critical-rated bug in WebDAV forces Windows to use the deprecated Internet Explorer, allowing code execution. Another Critical-rated bug in Netlogon allows threat actors to execute code on domain controllers. A bug in Office allows code execution without user interaction, and four other Office-related bugs are also Critical-rated. The patches released by both companies should be applied as soon as possible to prevent potential attacks.

Pwn2Own Berlin 2025: Day Three Results

The third and final day of Pwn2Own Berlin 2025 has concluded, with a total of $1,078,750 awarded during the event. The STAR Labs SG team won Master of Pwn, earning $320,000 and 35 Master of Pwn points. Seven of the 28 unique 0-days disclosed during the event came from the AI category. Angelboy from DEVCORE Research Team demonstrated a privilege escalation on Windows 11, earning $11,250 and 2.25 Master of Pwn points. FPT NightWolf successfully exploited NVIDIA Triton, earning $15,000 and 1.5 Master of Pwn points. Manfred Paul exploited Mozilla Firefox using an integer overflow, earning $50,000 and 5 Master of Pwn points. Nir Ohfeld and Shir Tamari exploited the NVIDIA Container Toolkit, earning $30,000 and 3 Master of Pwn points. Dung and Nguyen from STARLabs escaped the VM and escalated privileges on Windows, earning $70,000 and 9 Master of Pwn points. The event concluded with Miloš Ivanović escalating privileges to SYSTEM on Windows 11, earning $15,000 and 3 Master of Pwn points.

Pwn2Own Berlin 2025: Day Two Results

Pwn2Own Berlin's second day concluded with $435,000 awarded, bringing the total contest prize money to $695,000. Researchers demonstrated 20 unique zero-day vulnerabilities throughout the competition so far. FuzzingLabs exploited NVIDIA Triton with a known but unpatched vulnerability, earning them a partial reward. Viettel Cyber Security successfully exploited Microsoft SharePoint using an authentication bypass and insecure deserialization. STAR Labs achieved a historic first by exploiting VMware ESXi with an integer overflow. Palo Alto Networks exploited Mozilla Firefox using an out-of-bounds write. Wiz Research successfully exploited Redis, marking another AI category win. Qrious Secure achieved a full win against NVIDIA Triton with a four-bug chain. Viettel Cyber Security also performed a guest-to-host escape on Oracle VirtualBox. STAR Labs further escalated privileges on Red Hat Enterprise Linux.

Pwn2Own Berlin 2025: Day One Results

Pwn2Own Berlin 2025 kicked off with eleven attempts, including the first AI category. Day one concluded with $260,000 awarded and STAR Labs taking an early lead. DEVCORE Research Team successfully escalated privileges on Red Hat Linux via integer overflow, earning $20,000. Summoning Team exploited NVIDIA Triton, but the bug was known, resulting in $15,000. STAR Labs SG achieved SYSTEM-level access on Windows 11 using a UAF and integer overflow, winning $30,000. Theori successfully escalated to root on Red Hat Linux, despite using an N-day bug, receiving $15,000. Summoning Team secured the first-ever AI category win with a Chroma exploit, earning $20,000. Marcin Wiązowski escalated privileges on Windows 11 with an Out-of-Bounds Write, earning $30,000. Team Prison Break escaped Oracle VirtualBox with an integer overflow, winning $40,000. Viettel Cyber Security exploited NVIDIA Triton, but the bug was known, earning $15,000. Out Of Bounds earned $15,000 for a type confusion escalation on Windows 11. STAR Labs used a UAF in the Linux kernel to escape Docker Desktop, earning $60,000.

Pwn2Own Berlin: The Full Schedule

The inaugural Pwn2Own Berlin is taking place at the OffensiveCon conference and features a new AI category. The event has assembled top security researchers to test the security of various systems. The schedule for the three-day event has been randomly drawn and includes targets such as NVIDIA Triton Inference Server, Microsoft Windows 11, and Oracle VirtualBox. Researchers will compete in categories including AI, Local Escalation of Privilege, Virtualization, and more. The winners will receive cash prizes and Master of Pwn points, with the highest prize being $150,000 and 15 Master of Pwn points. The event will be live-blogged and tweeted, with results posted on social media platforms using the #P2OBerlin hashtag. The event is organized by Trend Micro. The schedule includes 25 attempts to exploit various systems, with multiple researchers targeting the same systems. The event aims to test the security of these systems and reward the researchers who successfully exploit them.

The May 2025 Security Update Review

Adobe released 13 security bulletins for May 2025, addressing 40 CVEs in products like ColdFusion, Lightroom, and Photoshop. None of the bugs fixed by Adobe this month are listed as publicly known or under active attack. Microsoft released 75 new CVEs, with 12 rated Critical and the rest Important in severity. Five bugs are currently being exploited in the wild, including a Scripting Engine Memory Corruption Vulnerability and a Windows Common Log File System Driver Elevation of Privilege Vulnerability, and two others are publicly known. Other notable patches include a Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability and a Microsoft DWM Core Library Elevation of Privilege Vulnerability. Microsoft also patched several Office-related bugs, which could be a sign of attacks to come. The patches include fixes for Azure, .NET, and other products.

CVE-2024-44236: Remote Code Execution vulnerability in Apple macOS

A code execution vulnerability was discovered in the Apple macOS operating system, specifically in the Scriptable Image Processing System (sips) utility. The vulnerability is due to the lack of proper validation of "lutAToBType" and "lutBToAType" tag types in ICC Profile files. A remote attacker can exploit this vulnerability by enticing a victim to open a crafted file, resulting in code execution on the victim's machine in the context of the running process. The vulnerability lies in the function sub_1000194D0(), which handles the tagged element data in ICC Profile files. The function does not properly validate the "Offset to CLUT" field value, allowing an attacker to set an offset equal to the total length of the tagged element data, causing the function to read and modify memory past the end of the heap-allocated buffer. A remote attacker can exploit this vulnerability by crafting a malicious ICC Profile file and enticing the victim to process it using a vulnerable version of the sips tool. To detect an attack exploiting this vulnerability, detection devices must monitor and parse traffic on the relevant ports and services and inspect the contents of ICC Profile files. The detection device should verify the Profile signature field, compute the size of the Tag Table, and inspect the tagged element data for out-of-range "Offset to CLUT" values. Apple has patched this vulnerability, and no attacks have been detected in the wild. It is recommended to apply the vendor patch to completely address this issue.
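As an added example (not from the ZDI advisory or from Apple), the detection checks the paragraph lists, written as a small ICC profile checker; the profile bytes are constructed by hand, and the field offsets follow the ICC specification's header, tag table and lutAToBType/lutBToAType layouts.

```python
"""Added example (not the ZDI detection guidance's own code, nor Apple's):
a minimal ICC profile checker implementing the checks described above:
verify the profile signature, walk the tag table, and flag lutAToBType /
lutBToAType elements whose "Offset to CLUT" lies at or past the end of
the element. The profile bytes built below are constructed, not a real file."""
import struct

PROFILE_SIG_OFFSET = 36          # 'acsp' in the 128-byte ICC header
TAG_TABLE_OFFSET = 128           # tag count, then 12-byte entries
LUT_TYPES = {b"mAB ", b"mBA "}   # lutAToBType / lutBToAType signatures
CLUT_OFFSET_FIELD = 24           # "Offset to CLUT" within the element


def check_icc_profile(data):
    """Returns a list of findings (an empty list means nothing suspicious)."""
    findings = []
    if len(data) < TAG_TABLE_OFFSET + 4:
        return ["profile shorter than ICC header plus tag count"]
    if data[PROFILE_SIG_OFFSET:PROFILE_SIG_OFFSET + 4] != b"acsp":
        return ["profile signature is not 'acsp'"]
    (tag_count,) = struct.unpack_from(">I", data, TAG_TABLE_OFFSET)
    table_size = 4 + 12 * tag_count
    if TAG_TABLE_OFFSET + table_size > len(data):
        return [f"tag table ({tag_count} entries) exceeds file length"]
    for i in range(tag_count):
        entry = TAG_TABLE_OFFSET + 4 + 12 * i
        sig, off, size = struct.unpack_from(">4sII", data, entry)
        if off + size > len(data):
            findings.append(f"tag {sig!r} data lies outside the file")
            continue
        elem = data[off:off + size]
        if elem[:4] not in LUT_TYPES:
            continue
        if len(elem) < CLUT_OFFSET_FIELD + 4:
            findings.append(f"tag {sig!r}: {elem[:4]!r} element truncated")
            continue
        (clut_off,) = struct.unpack_from(">I", elem, CLUT_OFFSET_FIELD)
        # A zero offset means "no CLUT". Any other value must point inside
        # the element; an offset at or past the element's end is the pattern
        # described above (a stricter checker would also require room for
        # the CLUT header and grid data before the end of the element).
        if clut_off != 0 and clut_off >= size:
            findings.append(
                f"tag {sig!r}: Offset to CLUT {clut_off} >= element size {size}"
            )
    return findings


def build_profile(clut_offset):
    """Constructs a minimal profile with one 'A2B0' tag of lutAToBType.
    Only the fields the checker reads are populated; the element is 48 bytes."""
    elem_size = 48
    header = bytearray(128)
    header[PROFILE_SIG_OFFSET:PROFILE_SIG_OFFSET + 4] = b"acsp"
    tag_table = struct.pack(">I", 1)
    elem_off = TAG_TABLE_OFFSET + 4 + 12
    tag_table += struct.pack(">4sII", b"A2B0", elem_off, elem_size)
    elem = bytearray(elem_size)
    elem[:4] = b"mAB "
    elem[8] = 3                      # input channels
    elem[9] = 3                      # output channels
    struct.pack_into(">I", elem, CLUT_OFFSET_FIELD, clut_offset)
    # Profile size field at header offset 0
    struct.pack_into(">I", header, 0, len(header) + len(tag_table) + elem_size)
    return bytes(header) + tag_table + bytes(elem)


if __name__ == "__main__":
    print(check_icc_profile(build_profile(32)))   # in range: []
    print(check_icc_profile(build_profile(48)))   # offset == element size: flagged
```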

The April 2025 Security Update Review

Adobe has released 12 security bulletins addressing 54 CVEs in various products, including ColdFusion, After Effects, and Photoshop. None of the bugs fixed by Adobe this month are listed as publicly known or under active attack. Microsoft has released patches for 134 CVEs, including 11 Critical and 2 Low-severity vulnerabilities. One of the bugs, CVE-2025-29824, is currently being exploited in the wild and allows a threat actor to execute code with SYSTEM privileges. Other notable vulnerabilities include CVE-2025-26663 and CVE-2025-26670, which allow remote code execution through LDAP, and CVE-2025-27480 and CVE-2025-27482, which allow code execution through Remote Desktop Services. Microsoft has also released patches for various other products, including Office, Azure, and .NET. The patches address a range of vulnerability classes, including elevation of privilege, remote code execution, and information disclosure. Only one of the bugs fixed by Microsoft this month is listed as publicly known or under active attack. It is recommended to test and deploy the patches quickly to prevent potential attacks.

MindshaRE: Using Binary Ninja API to Detect Potential Use-After-Free Vulnerabilities

Use-after-free bugs, a type of memory corruption, are challenging to detect statically. This post explores using Binary Ninja's MLIL to create a data flow graph that traces memory allocation interactions. The graph represents memory regions as nodes and pointer stores as edges, using tracked allocation, stack frame, dynamic memory, and global memory nodes. SSA variables are mapped to nodes, and offsets are stored to represent pointer arithmetic. Memory store and load operations create graph edges, assuming prior initialization for loads outside the function scope. Information propagates through the graph based on SSA variable assignments and offset calculations during pointer arithmetic. Callees are analyzed if arguments have mappings or stack offsets meet certain conditions, managing recursion to prevent infinite loops. After graph generation, instructions dependent on the tracked allocation node are logged. This analysis helps identify potential UAF vulnerabilities through context-insensitive reachability. The approach acknowledges inherent classification errors in static analysis but highlights adaptable primitives for other vulnerabilities.

Building an electric vehicle simulator to research EVSEs

The article discusses the development of an Electric Vehicle Simulator (EV Simulator) to research and reverse-engineer Level 2 Electric Vehicle Supply Equipment (EVSE). The simulator is designed to mimic the behavior of an electric vehicle, allowing researchers to test the EVSE in different states, such as charging and idle. The EV Simulator is based on the SAE J1772 standard, which defines the communication protocol between the EVSE and the electric vehicle. The simulator uses a rotary switch to simulate different resistance values, which are used to communicate with the EVSE. The device also includes a diode and a low-cost oscilloscope to monitor the PWM signal sent by the EVSE. The authors emphasize the importance of safety when working with high-voltage equipment and provide a list of components used to build the simulator. The device was tested on several Level 2 chargers from different manufacturers and successfully placed them into the charging state. The authors also mention pre-built alternatives that can be used for research, but note that they may not provide the same level of control and measurement as the custom-built simulator. The article concludes by highlighting the importance of continued research into EVSE security and the potential for future contests and events focused on this topic.