After three intense days of competition, Pwn2Own Berlin 2025 - one of the world’s most prestigious cybersecurity contests - concluded with a record-breaking prize pool of over USD 1 million.

Viettel Cyber Security (VCS), representing Vietnam, secured second place with a total of 15.5 points.

Held from May 15 to 17 in Berlin, Germany, the competition attracted elite cybersecurity teams from around the globe. Contestants targeted cutting-edge technologies, seeking out previously unknown vulnerabilities (zero-days) in artificial intelligence systems, web browsers, virtualization software, privilege escalation techniques, servers, enterprise applications, cloud-native/container platforms, and automotive technologies.

As per Pwn2Own regulations, all target devices had to be running the latest operating system versions with fully updated security patches.

On the first day alone, teams earned USD 260,000 in rewards, followed by USD 435,000 on day two and USD 383,750 on the final day.

In total, the 2025 event paid out a record USD 1,078,850 for the discovery and demonstration of 28 zero-day vulnerabilities, including seven from the newly introduced AI category.

Vendors now have 90 days to release security patches before Trend Micro makes the discovered vulnerabilities public.

Singapore’s STAR Labs SG clinched the championship title with 35 points and USD 320,000 in prize money. The team executed successful exploits against Red Hat Enterprise Linux, Docker Desktop, Windows 11, VMware ESXi, and Oracle VirtualBox. STAR Labs’ Nguyen Hoang Thach also won the individual top prize, taking home USD 150,000.

Viettel’s team, the defending champion from both the 2023 and 2024 editions, finished second. On the first day, they successfully exploited a vulnerability in the NVIDIA Triton Inference Server, earning 1.5 points and USD 15,000.

On day two, they uncovered vulnerabilities in Oracle VirtualBox and Microsoft SharePoint, gaining 14 more points and USD 140,000 in rewards. This brought their total to 15.5 points and USD 155,000.

The third, fourth, and fifth place spots went to teams Reverse Tactics, Synacktiv, and Wiz Research, respectively.

Pwn2Own is a globally recognized arena where white-hat hackers and cybersecurity researchers race to identify and exploit zero-day vulnerabilities in widely used devices and software, including smartphones, security cameras, office equipment, and enterprise applications.

The competition not only rewards innovation but also plays a crucial role in advancing global cybersecurity by helping vendors patch vulnerabilities before they can be exploited by malicious actors.

Du Lam