Pwn2Own
Synology hurries out patches for zero-days exploited at Pwn2Own
Synology, a Taiwanese network-attached storage (NAS) appliance maker, patched two critical zero-days exploited during last week’s Pwn2Own hacking competition within days. Midnight Blue security researcher Rick de Jager found the critical zero-click vulnerabilities (tracked together as CVE-2024-10443 and dubbed RISK:STATION) in the company’s Synology Photos and BeePhotos for BeeStation software. As Synology explains in security advisories published two days after the […]
QNAP patches second zero-day exploited at Pwn2Own to get root
QNAP has released security patches for a second zero-day bug exploited by security researchers during last week’s Pwn2Own hacking contest. This critical SQL injection (SQLi) vulnerability, tracked as CVE-2024-50387, was found in QNAP’s SMB Service and is now fixed in versions 4.15.002 or later and h4.15.002 and later. The zero-day flaw was patched one week after […]
Hackers exploit 52 zero-days on the first day of Pwn2Own Ireland
On the first day of Pwn2Own Ireland, participants demonstrated 52 zero-day vulnerabilities across a range of devices, earning a total of $486,250 in cash prizes. Viettel Cyber Security took an early lead getting 13 points in their chase for the “Master of Pwn” title. The team’s phudq and namnp exploited a Lorex 2K WiFi camera through a stack-based […]