Can you imagine being awarded over a million dollars just based on your ability to find bugs in computer software? This is exactly what happened at Pwn2Own Ireland 2025, a prestigious series of hacking competitions hosted in Dublin, Ireland. The event gave away an astounding $1,024,750 in cash awards to experts that specialize in discovering bugs to improve the security of the products.
Additionally, they discovered 73 brand new vulnerabilities, termed ‘zero-days’, in many popular software products, including Windows 11, Ubuntu Desktop, VMware's virtualization platform, Docker for container management, and VirtualBox.
The Pwn2Own competitions are managed by Trend Micro's Zero Day Initiative (ZDI). The focus for this year was targeted at exploiting virtual machines, operating systems, and enterprise applications — effectively all those tools that ultimately drive virtually organization's business networks.
• Synacktiv was in first place at $350,000 and earned the title “Master of Pwn.”
• Star Labs SG and Sea Security also found some of the big bugs in Docker and VMware.
• Other hackers showed exploits worked on Ubuntu Desktop and VirtualBox, which just goes to show that even trusted software can have hidden flaws.
In total, there were 73 zero-day bugs found. That’s 73 issues that no one knew about going into the contest — reported and ready to be fixed.
Because we would rather have the bugs discovered and fixed than have a cybercriminal discover them first!
Events like Pwn2Own allow vendors to patch security holes so they will not be an active issue. In other words, hackers are protecting our data and devices — and you don’t even know them!
The next time your computer requests an update, recognize that it's likely fixing a matter that one of these hackers uncovered. So for the sake of safety, just update. Someone was diligent to help protect you online.
Additionally, they discovered 73 brand new vulnerabilities, termed ‘zero-days’, in many popular software products, including Windows 11, Ubuntu Desktop, VMware's virtualization platform, Docker for container management, and VirtualBox.
What Is Pwn2Own?
Pwn2Own is not your smooth, general hack competition. It is legal competition where experts try to exploit the viable systems they are targeting for weaknesses before bad actors or hackers exploit their weaknesses first. Once they exploit the weakness, they then receive a cash award, and in turn, they just contributed to making the internet a safer place.The Pwn2Own competitions are managed by Trend Micro's Zero Day Initiative (ZDI). The focus for this year was targeted at exploiting virtual machines, operating systems, and enterprise applications — effectively all those tools that ultimately drive virtually organization's business networks.
What Was Hacked and Who Took the Cash
Let’s start with the winners — these people certainly earned every single dollar.• Synacktiv was in first place at $350,000 and earned the title “Master of Pwn.”
• Star Labs SG and Sea Security also found some of the big bugs in Docker and VMware.
• Other hackers showed exploits worked on Ubuntu Desktop and VirtualBox, which just goes to show that even trusted software can have hidden flaws.
In total, there were 73 zero-day bugs found. That’s 73 issues that no one knew about going into the contest — reported and ready to be fixed.
Why Does This Matter?
So why would we pay hackers to find exploits?Because we would rather have the bugs discovered and fixed than have a cybercriminal discover them first!
Events like Pwn2Own allow vendors to patch security holes so they will not be an active issue. In other words, hackers are protecting our data and devices — and you don’t even know them!
Conclusion
Truthfully, I believe these hackers should receive full credit (and the money). They're using their expertise to improve safety on the internet for everyoneThe next time your computer requests an update, recognize that it's likely fixing a matter that one of these hackers uncovered. So for the sake of safety, just update. Someone was diligent to help protect you online.