VMware ESXi, Firefox, Red Hat Linux & SharePoint Hacked – Pwn2Own Day 2

Security researchers demonstrated their prowess on the second day of Pwn2Own Berlin 2025, discovering critical vulnerabilities across major enterprise platforms and earning $435,000 in bounties.

The competition, now in its second day at the OffensiveCon conference in Berlin, has awarded a cumulative total of $695,000 with participants revealing 20 unique zero-day vulnerabilities thus far.

Confirmed! Viettel Cyber Security (@vcslab) used an OOB Write for their Guest-to-Host escape on #Oracle VirtualBox. The earn themselves $40,000 and 4 Master of Pwn points. pic.twitter.com/SugXdigVbt

— Trend Zero Day Initiative (@thezdi) May 16, 2025

With a third day of competition remaining, organizers believe the total prize money could surpass the $1 million threshold.

Major Enterprise Systems Fall to Skilled Hackers

The second day of the competition saw several high-profile enterprise platforms successfully compromised.

In what marks a historic achievement, Dinh Ho Anh Khoa of Viettel Cyber Security combined an ...