Let the Cybersecurity Games Begin at Zero Day!

The Zero Day Initiative granted $732,000 in total to researchers who identified 19 distinct cybersecurity vulnerabilities on the inaugural day of Pwn2Own.

Cybersecurity researchers are earning substantial sums of money and valuable prizes through the Pwn2Own competition, uncovering previously undiscovered vulnerabilities in widely utilized products such as Adobe Reader, Windows 11, SharePoint, and more.

On the initial day of the two-day event focused on threat discovery, the largest reward, comprising $200,000 in cash along with a new car, was bestowed upon a team named "Synacktiv" for effectively exploiting a single integer overflow against the Tesla ECU with Vehicle CAN BUS Control, as reported by the competition's sponsor, the Zero Day Initiative.

This marks the second occasion the team has emerged victorious for a Tesla-related hack, securing their second Tesla 3, as highlighted in ZDI's winner announcement.

Following the Tesla hack exploit, the second-highest position in the Pwn2Own bug bounty contest's first day was claimed by Manfred Paul, who garnered $102,500 in bug bounties. Among his achievements was the discovery of Apple Safari vulnerabilities, including an integer underflow bug and a PAC bypass, for which he earned $60,000, as stated by ZDI. Additionally, Paul earned $42,000 for successfully exploiting both Chrome and Edge browsers, according to the organization.

The top achievers progressed to the second day of Pwn2Own to vie for the coveted title of "Master of Pwn."

The most interesting part about the bug bounty exercise is that companies get 90 days to fix the vulnerabilities, after which point, the vulnerabilities are made public.

Having trouble keeping your systems up-to-date?

We'd love to help!