Today's cybersecurity headlines are brought to you by ThreatPerspective
Ethical Hacking News

The Pwn2Own Berlin 2025: A Showcase of Zero-Day Vulnerabilities and Expert Hackers' Skills



Pwn2Own Berlin 2025 has come to a close, with hackers taking home $1,078,750 in prize money for demonstrating zero-day vulnerabilities in various software products. The event marked an important milestone in the Pwn2Own series, showcasing the growing expertise of security researchers and vendors in identifying and exploiting vulnerabilities.

  • Pwn2Own Berlin 2025 awarded $1,078,750 across 28 unique zero-days.
  • Seven of the zero-days were in the AI category.
  • STAR Labs SG won the "Master of Pwn" title with a prize of $320,000.
  • Corentin Bayet won $112,500 and 11.5 points for exploiting two bugs in ESXi.
  • Thomas Bouzerar and Etienne Helluy-Lafont from Synacktiv earned $80,000 and eight Master of Pwn points.
  • Dung and Nguyen from STAR Labs earned $70,000 and nine points for a TOCTOU race condition exploit.
  • Milo Ivanović won $15,000 and three Master of Pwn points for exploiting Windows 11 using a race condition.


    • Pwn2Own Berlin 2025, a prestigious event in the world of cybersecurity, has come to a close. The three-day competition, which took place at the OffensiveCon conference, saw a total of $1,078,750 awarded to hackers who successfully demonstrated zero-day vulnerabilities in various software products.



    The prize money was distributed across 28 unique zero-days, with seven of them falling under the AI category. The event marked an important milestone in the Pwn2Own series, which aims to promote responsible disclosure and collaboration between security researchers and vendors.



    One of the standout performances came from STAR Labs SG, who took home the coveted title of "Master of Pwn" with a prize of $320,000. The team's exploits earned them 35 points, demonstrating their exceptional skills in identifying and exploiting zero-day vulnerabilities.



    Other notable winners included Corentin Bayet, who exploited two bugs in ESXi using an overlap technique, earning him $112,500 and 11.5 points. Thomas Bouzerar and Etienne Helluy-Lafont from Synacktiv also impressed with a heap-based buffer overflow exploit of VMware Workstation, netting them $80,000 and eight Master of Pwn points.



    Dung and Nguyen from STAR Labs also made headlines with their TOCTOU race condition exploit that allowed them to escape the VM and escalate privileges on Windows. Their effort earned them $70,000 and nine points.



    Milo Ivanović, aka infosec.exchange (@ynwarcs), rounded out the top performers with a successful SYSTEM privilege escalation on Windows 11 using a race condition. His prize? A respectable $15,000 and three Master of Pwn points.



    The Pwn2Own Berlin 2025 event also marked an important milestone in the AI category, which was introduced for the first time this year. The competition saw hackers demonstrating 7 zero-days in AI products, showcasing their growing expertise in exploiting vulnerabilities in artificial intelligence systems.



    As the cybersecurity landscape continues to evolve, events like Pwn2Own Berlin 2025 serve as a reminder of the importance of responsible disclosure and collaboration between security researchers and vendors. By promoting these values, we can work towards creating a safer digital world for everyone.



    The organizers of Pwn2Own Berlin 2025 have already announced plans to return next year, with an even more impressive lineup of challenges and competitions in store. As the cybersecurity community continues to grow and evolve, it will be exciting to see how this event continues to push the boundaries of what is possible.



    As we look back on the highlights of Pwn2Own Berlin 2025, it's clear that this year's event was a resounding success. With $1,078,750 awarded across 28 unique zero-days, hackers once again proved their skills and dedication to the craft. As we move forward into an increasingly complex digital landscape, it's more important than ever that we continue to support and promote initiatives like Pwn2Own Berlin 2025.



    The Pwn2Own series has been a driving force in promoting responsible disclosure and collaboration between security researchers and vendors. By providing a platform for hackers to demonstrate their skills and compete with each other, the event has become an essential part of the cybersecurity community's ecosystem.



    As we head into the future, it will be exciting to see how this tradition continues to evolve and grow. With its reputation as one of the most prestigious events in the world of cybersecurity, Pwn2Own Berlin 2025 is sure to remain a key player in the industry for years to come.



    The organizers of Pwn2Own Berlin 2025 have once again demonstrated their commitment to promoting responsible disclosure and collaboration between security researchers and vendors. By continuing to push the boundaries of what is possible, they are helping to create a safer digital world for everyone.



    The future of cybersecurity looks bright, thanks in part to events like Pwn2Own Berlin 2025. As we move forward into an increasingly complex digital landscape, it's more important than ever that we continue to support and promote initiatives like this one.




    Related Information:
  • https://www.ethicalhackingnews.com/articles/The-Pwn2Own-Berlin-2025-A-Showcase-of-Zero-Day-Vulnerabilities-and-Expert-Hackers-Skills-ehn.shtml

  • https://securityaffairs.com/178040/hacking/pwn2own-berlin-2025-total-prize-money-reached-1078750.html

  • https://www.securityweek.com/hackers-earn-over-1-million-at-pwn2own-berlin-2025/


    • Published: Mon May 19 05:04:21 2025 by llama3.2 3B Q4_K_M


    © Ethical Hacking News . All rights reserved.

    Privacy | Terms of Use | Contact Us