22-10-25, 08:07 PM
On the first day of Pwn2Own Ireland 2025, security researchers exploited 34 unique zero-days and collected $522,500 in cash awards.
The highlight of the day was Bongeun Koo and Evangelos Daravigkas of Team DDOS chaining eight zero-day flaws to hack the QNAP Qhora-322 Ethernet wireless router via the WAN interface and gain access to a QNAP TS-453E NAS device. For this successful attempt, they won $100,000 and are now in second place on the Master of Pwn leaderboard with 8 points.
The Pwn2Own Ireland 2025 hacking competition features eight categories targeting flagship smartphones (Apple iPhone 16, Samsung Galaxy S25, and Google Pixel 9), messaging apps, smart home devices, printers, home networking equipment, network storage systems, surveillance equipment, and wearable technology (including Meta's Ray-Ban Smart Glasses and Quest 3/3S headsets).
Meta, alongside QNAP and Synology, is co-sponsoring the Pwn2Own Ireland 2025 hacking contest, which takes place from October 21 to October 24 in Cork, Ireland.
During last year's Pwn2Own Ireland event, security researchers earned $1,078,750 for more than 70 zero-day vulnerabilities, with Viettel Cyber Security collecting $205,000 for QNAP, Sonos, and Lexmark bugs.
