The Pwn2Own Ireland hacking contest awarded a total $1,024,750 for 73 zero-days, the Summoning Team won Master of Pwn.
Pwn2Own Ireland 2025 wrapped up with $1,024,750 awarded for 73 unique zero-days. Organizers thanked participants, vendors, and partners Meta, Synology, and QNAP.
Pwn2Own Ireland 2025 includes eight categories of exploits targeting flagship smartphones (Galaxy S25, iPhone 16, Pixel 9), printers, network storage, home networking gear, messaging apps, smart home and surveillance devices, plus wearables like Meta Quest 3/3S and Ray-Ban Smart Glasses.
The Summoning Team claimed the Master of Pwn title for outstanding exploits across multiple categories, showcasing exceptional research and preparation.
Ben R. and Georgi G. of Interrupt Labs exploited an input validation bug to take over the Samsung Galaxy S25, enabling camera and location access, earning $50K and 5 Master of Pwn points.
David Berard of Synacktiv exploited two bugs in the Ubiquiti AI Pro (Surveillance Systems), earning $30K and 3 Master of Pwn points, featuring a Baby Shark demo.
namnp of Viettel Cyber Security exploited Phillips Hue Bridge via crypto bypass and heap overflow, earning $20K, 4 Master of Pwn points, and a Top 5 ranking.
The researchers Eugene (3ugen3) of Team Z3 withdrew from the competition, canceling his $1M zero-click WhatsApp exploit demo, citing it wasn’t ready for public presentation.
Anyway, Eugene cannot share any details about the WhatsApp exploit due to a signed agreement NDA with the organization.
Follow me on Twitter: @securityaffairs and Facebook and Mastodon
(SecurityAffairs – hacking, Pwn2Own Ireland)
