Trend Zero Day Initiative
@thezdi.bsky.social
Trend Zero Day Initiative™ (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.
We have updated the #Pwn2Own Automotive rules to expand the target scope of the #Alpitronics category and to clarify the model of the ChargePointHome Flex model number. Check out the rules at www.zerodayinitiative.com/Pwn2OwnAuto2...
Pwn2Own Automotive 2026 Rules
www.zerodayinitiative.com
November 21, 2025 at 5:50 PM
We have updated the #Pwn2Own Automotive rules to expand the target scope of the #Alpitronics category and to clarify the model of the ChargePointHome Flex model number. Check out the rules at www.zerodayinitiative.com/Pwn2OwnAuto2...
No time to read the patch blog and just want the highlights? Check out the Patch Report for November. @dustinchilds.bsky.social covers what you need to know and what to look out for. youtu.be/6EAhfx7zj4U
The Patch Report for November 2025
YouTube video by Trend Zero Day Initiative
youtu.be
November 11, 2025 at 9:27 PM
No time to read the patch blog and just want the highlights? Check out the Patch Report for November. @dustinchilds.bsky.social covers what you need to know and what to look out for. youtu.be/6EAhfx7zj4U
It's a small release from #Microsoft and #Adobe, but there's one CVE in the wild and plently to discuss - including silent patches from October. @dustinchilds.bsky.social has his full roundup at www.zerodayinitiative.com/blog/2025/11...
Zero Day Initiative — The November 2025 Security Update Review
I’ve made it through Pwn2Own Ireland , and while many are celebrated those who served their country in the armed services, patch Tuesday stops for no one. So affix your poppy accordingly, and let’s...
www.zerodayinitiative.com
November 11, 2025 at 6:32 PM
It's a small release from #Microsoft and #Adobe, but there's one CVE in the wild and plently to discuss - including silent patches from October. @dustinchilds.bsky.social has his full roundup at www.zerodayinitiative.com/blog/2025/11...
Reposted by Trend Zero Day Initiative
I attended Pwn2Own in Cork ☘️ last week. I shared a review of the event on this week's episode of my podcast.
You can find that at 14:41 in the video linked here ⬇️
www.youtube.com/watch?v=aaLA...
Thanks to @dustinchilds.bsky.social & @thezdi.bsky.social for allowing me to attend. ❤️
You can find that at 14:41 in the video linked here ⬇️
www.youtube.com/watch?v=aaLA...
Thanks to @dustinchilds.bsky.social & @thezdi.bsky.social for allowing me to attend. ❤️
October 30, 2025 at 8:40 PM
I attended Pwn2Own in Cork ☘️ last week. I shared a review of the event on this week's episode of my podcast.
You can find that at 14:41 in the video linked here ⬇️
www.youtube.com/watch?v=aaLA...
Thanks to @dustinchilds.bsky.social & @thezdi.bsky.social for allowing me to attend. ❤️
You can find that at 14:41 in the video linked here ⬇️
www.youtube.com/watch?v=aaLA...
Thanks to @dustinchilds.bsky.social & @thezdi.bsky.social for allowing me to attend. ❤️
Wrapping up #Pwn2Own Ireland 2025. The three day event saw some amazing exploits and traumatic failures. We laughed, we cried, we shouted. Check out the highlights and see who won Master of Pwn. #P2OIreland
https://youtu.be/ruxOpC-b-yM?si=LoaaXBNbkRYL4cgz
https://youtu.be/ruxOpC-b-yM?si=LoaaXBNbkRYL4cgz
October 24, 2025 at 8:45 PM
Wrapping up #Pwn2Own Ireland 2025. The three day event saw some amazing exploits and traumatic failures. We laughed, we cried, we shouted. Check out the highlights and see who won Master of Pwn. #P2OIreland
https://youtu.be/ruxOpC-b-yM?si=LoaaXBNbkRYL4cgz
https://youtu.be/ruxOpC-b-yM?si=LoaaXBNbkRYL4cgz
Miss any of #Pwn2Own Ireland 2025? You can watch all of the video - attempts and recaps - at www.youtube.com/playlist?lis...
Pwn2Own Ireland 2025 - YouTube
Videos related to the 2025 edition of the Pwn2Own Ireland competition
www.youtube.com
October 24, 2025 at 3:50 PM
Miss any of #Pwn2Own Ireland 2025? You can watch all of the video - attempts and recaps - at www.youtube.com/playlist?lis...
What was bug if the day for #Pwn2Own Ireland day 3? Check it out youtube.com/shorts/PjpvU...
The Bug of Day! Pwn2Own Ireland Day 3 #pwn2own
YouTube video by Trend Zero Day Initiative
youtube.com
October 24, 2025 at 2:26 PM
What was bug if the day for #Pwn2Own Ireland day 3? Check it out youtube.com/shorts/PjpvU...
$1,024,750 - 73 unique bugs - a week of amazing research on display. #Pwn2Own Ireland had it all. Success. Failure. Intrigue. You name it. Congratulations to the Master of Pwn winners @SummoningTeam! Their outstanding work earned them $187,500 and 22 point. See you in Tokyo for Pwn2Own Automotive.
October 24, 2025 at 10:49 AM
$1,024,750 - 73 unique bugs - a week of amazing research on display. #Pwn2Own Ireland had it all. Success. Failure. Intrigue. You name it. Congratulations to the Master of Pwn winners @SummoningTeam! Their outstanding work earned them $187,500 and 22 point. See you in Tokyo for Pwn2Own Automotive.
Unfortunately, Frisk and Opcode from the Inequation Group ctf team could not get their exploit of the Meta Quest 3S working within the time time allotted. They were able to cause a DoS, but did not achieve code execution. #Pwn2Own
October 23, 2025 at 5:12 PM
Unfortunately, Frisk and Opcode from the Inequation Group ctf team could not get their exploit of the Meta Quest 3S working within the time time allotted. They were able to cause a DoS, but did not achieve code execution. #Pwn2Own
We have another collision! Bongeun Koo (@kiddo_pwn) and Evangelos Daravigkas (@freddo_1337) of Team DDOS used a single bug to exploit the QNAP TS-453E, but the bug has been previously seen in the contest. Their work still earns them $10,000 and 2 Master of Pwn points. #Pwn2Own
October 23, 2025 at 3:34 PM
We have another collision! Bongeun Koo (@kiddo_pwn) and Evangelos Daravigkas (@freddo_1337) of Team DDOS used a single bug to exploit the QNAP TS-453E, but the bug has been previously seen in the contest. Their work still earns them $10,000 and 2 Master of Pwn points. #Pwn2Own
Confirmed! Team Viettel Cyber Security used a crypto bypass and a heap overflow to exploit the Phillips Hue Bridge. They earn $20,000 and 4 Master of Pwn points, which catapults them in the Top 5. It also puts us over $1,000,000 for the contest! #Pwn2Own
October 23, 2025 at 3:28 PM
Confirmed! Team Viettel Cyber Security used a crypto bypass and a heap overflow to exploit the Phillips Hue Bridge. They earn $20,000 and 4 Master of Pwn points, which catapults them in the Top 5. It also puts us over $1,000,000 for the contest! #Pwn2Own
Boom! One their second attempt, the Viettel Cyber Security successfully got a root shell on the Philips Hue Bridge. They head off to the disclosure room one last time to provide the details. #Pwn2Own
October 23, 2025 at 3:06 PM
Boom! One their second attempt, the Viettel Cyber Security successfully got a root shell on the Philips Hue Bridge. They head off to the disclosure room one last time to provide the details. #Pwn2Own
We have another collision. Evan Grant used a single bug to exploit the QNAP TS-453E, but, unfortunately, it had been used earlier in the contest. He still earns $10,000 and 2 Master of Pwn points. #Pwn2Own
October 23, 2025 at 3:04 PM
We have another collision. Evan Grant used a single bug to exploit the QNAP TS-453E, but, unfortunately, it had been used earlier in the contest. He still earns $10,000 and 2 Master of Pwn points. #Pwn2Own
Boom! Bongeun Koo and Evangelos Daravigkas of Team DDOS completed their exploit of the QNAP TS-453E NAS device. They are off to the disclosure room to provide details. #Pwn2Own
October 23, 2025 at 3:00 PM
Boom! Bongeun Koo and Evangelos Daravigkas of Team DDOS completed their exploit of the QNAP TS-453E NAS device. They are off to the disclosure room to provide details. #Pwn2Own
Another collision: the Thalium team from Thales Group needed 3 bugs to exploit the Phillips Hue Bridge, but only their heap based buffer overflow was unique. The others were seen earlier in the contest. They still earn $13,500 and 2.75 Master of Pwn points. #Pwn2Own
October 23, 2025 at 2:19 PM
Another collision: the Thalium team from Thales Group needed 3 bugs to exploit the Phillips Hue Bridge, but only their heap based buffer overflow was unique. The others were seen earlier in the contest. They still earn $13,500 and 2.75 Master of Pwn points. #Pwn2Own
Confirmed (with style!) - Interrupt Labs combined a path traversal and an untrusted search path bug to exploit the Lexmark CX532adwe. They got a reverse shell and loaded Doom on the LCD. We couldn't play it though :-[ Still awesome to see. #Pwn2Own
October 23, 2025 at 2:07 PM
Confirmed (with style!) - Interrupt Labs combined a path traversal and an untrusted search path bug to exploit the Lexmark CX532adwe. They got a reverse shell and loaded Doom on the LCD. We couldn't play it though :-[ Still awesome to see. #Pwn2Own
Whew! We had several configuration challenges on our end, but once the setup was complete, Evan Grant easily took over the QNAP TS-453E. He heads off to the disclosure room to provide the details. #Pwn2Own
October 23, 2025 at 2:00 PM
Whew! We had several configuration challenges on our end, but once the setup was complete, Evan Grant easily took over the QNAP TS-453E. He heads off to the disclosure room to provide the details. #Pwn2Own
Verified! Team @neodyme.io used a single integer overflow to exploit the Canon imageCLASS MF654Cdw. Their unique bugs earns them $10,000 for the 8th round win and 2 Master of Pwn points. #Pwn2Own
October 23, 2025 at 1:56 PM
Verified! Team @neodyme.io used a single integer overflow to exploit the Canon imageCLASS MF654Cdw. Their unique bugs earns them $10,000 for the 8th round win and 2 Master of Pwn points. #Pwn2Own
We have another collision. Team Viettel used two bugs to exploit the Lexmark CX532adwe. While their heap based buffer over was unique, the other bug has been seen earlier in the contest. They still earn $7,500 and 1.5 Master of Pwn points. #Pwn2Own
October 23, 2025 at 1:52 PM
We have another collision. Team Viettel used two bugs to exploit the Lexmark CX532adwe. While their heap based buffer over was unique, the other bug has been seen earlier in the contest. They still earn $7,500 and 1.5 Master of Pwn points. #Pwn2Own
Confirmed! Sina Kheirkhah of Summoning Team used a hard-coded cred and an injection to take over the QNAP TS-453E. These unique bugs earn him $20,000 and 4 Master of Pwn points. #Pwn2Own
October 23, 2025 at 1:44 PM
Confirmed! Sina Kheirkhah of Summoning Team used a hard-coded cred and an injection to take over the QNAP TS-453E. These unique bugs earn him $20,000 and 4 Master of Pwn points. #Pwn2Own
Confirmed! David Berard of @synacktiv.com used a pair of bugs to exploit the Ubiquiti AI Pro in the Surveillance Systems category. The impressive display (incl. a round of Baby Shark) earns him $30,000 and 3 Master of Pwn Points. #Pwn2Own
October 23, 2025 at 1:31 PM
Confirmed! David Berard of @synacktiv.com used a pair of bugs to exploit the Ubiquiti AI Pro in the Surveillance Systems category. The impressive display (incl. a round of Baby Shark) earns him $30,000 and 3 Master of Pwn Points. #Pwn2Own
Sweet! The team from Interrupt Labs used hardly any time at all exploiting the Lexmark CX532adwe and posting their message on the LCD. They head off tot the disclosure room to explain themselves. #Pwn2Own
October 23, 2025 at 1:28 PM
Sweet! The team from Interrupt Labs used hardly any time at all exploiting the Lexmark CX532adwe and posting their message on the LCD. They head off tot the disclosure room to explain themselves. #Pwn2Own
Due to travel complications and delayed flights, the live stream scheduled for 3PM Irish time has been cancelled. We apologize for the inconvenience.
October 23, 2025 at 1:26 PM
Due to travel complications and delayed flights, the live stream scheduled for 3PM Irish time has been cancelled. We apologize for the inconvenience.
💡 Lights on! The Thalium Team demonstrated their mastery of the Phillips Hue Bridge by changing the color of a connected light. They head off to the disclosure room to illuminate us on how they did it. #Pwn2Own
October 23, 2025 at 12:55 PM
💡 Lights on! The Thalium Team demonstrated their mastery of the Phillips Hue Bridge by changing the color of a connected light. They head off to the disclosure room to illuminate us on how they did it. #Pwn2Own