D-Link 850L XSS / Backdoor / Code Execution Vulnerabilities

D-Link 850L suffers from cross site scripting, access bypass, backdoor, bruteforcing, information disclosure, remote code execution, and denial of service vulnerabilities. Basically, do not use this device unless you want to analyze it to see how not to design something. Advisory Information Titl...

Google Chrome Goes Down in Early Stage of Pwn2Own

VANCOUVER–A group of researchers from VUPEN, a French security firm, was able to compromise Google Chrome in the initial stages of the Pwn2Own contest. But because of the new rules this year, that doesn’t guarantee them a win in the contest. Rather, it just gives them a nice head start. The...

Revamped Pwn2Own to Offer $105K in Prizes, Cash From Google for Chrome 0-Days

The Pwn2Own contest at the CanSecWest conference has become one of the landmark events on the calendar each year, as researchers gather with nervous vendors in a tiny room to see who can own which browser on which platform and how quickly. But this year’s contest will have a much different look...

Pwn2Own Predictions: Apple iPhone Will Fall

Hackers at this year’s CanSecWest Pwn2Own contest will definitely break into an Apple iPhone by exploiting a remote code execution vulnerability. That’s the prediction from Charlie Miller and Aaron Portnoy, two security researchers who are monitoring events leading to next week’s hacker challenge...