Pwn2Own Returns to Ireland with a One Million Dollar WhatsApp Target

July 31, 2025 | Dustin Childs CONTINUE READING
CVE-2023-38600: Story of an innocent Apple Safari copyWithin gone (way) outside
Blog post

CVE-2023-38600: Story of an innocent Apple Safari copyWithin gone (way) outside

Looking at the Attack Surface of the Sony XAV-AX5500 Head Unit
Blog post

Looking at the Attack Surface of the Sony XAV-AX5500 Head Unit

Finding Deserialization Bugs in the SolarWinds Platform
Blog post

Finding Deserialization Bugs in the SolarWinds Platform

Revealing the Targets and Rules for the First Pwn2Own Automotive
Blog post

Revealing the Targets and Rules for the First Pwn2Own Automotive

CVE-2023-35150: Arbitrary Code Injection in XWiki.org XWiki
Blog post

CVE-2023-35150: Arbitrary Code Injection in XWiki.org XWiki

CVE-2023-36934: Progress Software MOVEit Transfer SQL Injection Remote Code Execution Vulnerability
Blog post

CVE-2023-36934: Progress Software MOVEit Transfer SQL Injection Remote Code Execution Vulnerability

The SOHO Smashup Returns for Pwn2Own Toronto 2023
Blog post

The SOHO Smashup Returns for Pwn2Own Toronto 2023

CVE-2023-20864: Remote Code Execution in VMware Aria Operations for Logs
Blog post

CVE-2023-20864: Remote Code Execution in VMware Aria Operations for Logs

CVE-2022-31696: An Analysis of a VMware ESXi TCP Socket Keepalive Type Confusion LPE
Blog post

CVE-2022-31696: An Analysis of a VMware ESXi TCP Socket Keepalive Type Confusion LPE

Adventures in Disclosure: When Reporting Bugs Goes Wrong
Blog post

Adventures in Disclosure: When Reporting Bugs Goes Wrong