White-hat hackers discover two zero-day Safari vulnerabilities at security conference

c6-w_vqu8aa-hjw-large

Pwn2own is an annual security conference. At the conference, two teams of hackers were able to find a couple of zero-day Safari vulnerabilities that allowed root access to macOS.

Eleven teams are competing for a $1M prize pot with three of the ten attempts to date targeting Safari.

Chaitin Security Research Lab was able to put together six exploits to gain root access to macOS, winning a $35,000 prize.

Samuel Groß and Niklas Baumstark won $25,000 after being able to exploit five bugs to display a message on the MacBook Pro Touch Bar.

Both teams will report the exploits to Apple so it’s fixed before they are made public.

Tags: , , , ,