"Hackers Earn $400k on First Day at Pwn2Own Toronto 2023"

The Pwn2Own Toronto 2023 hacking contest started yesterday, and participants successfully hacked NAS devices, printers, mobile phones, and other devices, earning more than $400,000 on the first day.  The highest reward of the day went to team Orca of Sea Security, which executed a two-vulnerability exploit chain (out-of-bounds read and use-after-free) against the Sonos Era 100 speaker, earning $60,000.  The Pentest Limited team earned the second highest reward of the day, at $50,000, for an improper input validation exploit targeting the Samsung Galaxy S23 mobile phone.  The hacking competition will continue until Friday, with exploits to be demonstrated in the NAS devices, smart speakers, printers, mobile phones, and surveillance systems categories.  Missing from the contest are smart vehicles, which will be present at Pwn2Own Automotive, set to be hosted at the Automotive World conference in January 2024 in Tokyo, Japan.  It will be the first Pwn2Own competition dedicated to automotive.

SecurityWeek reports: "Hackers Earn $400k on First Day at Pwn2Own Toronto 2023"