Blog

Day 2 delivered 29 new zero-days, pushing the total to a record 66. Researchers repeatedly compromised Level 2/3 EV chargers and IVI systems using practical flaws like exposed interfaces and command injection. The takeaway: automotive and charging infrastructure attacks are now repeatable at scale—shifting cyber risk from theoretical to immediate operational impact.

Pwn2Own Automotive 2026 exposes critical zero-day vulnerabilities in software-defined vehicles before they escalate into real-world business and operational risk. By ensuring zero-day vulnerabilities move from exposure to resolution, the event transforms discovery into Automotive Foresight—helping organizations stay ahead of risk before it reaches the road.

We analyze the multiple zero-day vulnerabilities discovered in popular aftermarket automotive devices, map them to the Automotive Threat Matrix, and illustrate how attackers could exploit these critical flaws in real-world scenarios.

An analysis of the recent immobilization incident affecting a luxury car brand: what happened, what likely didn’t, and how car manufacturers can prevent anti-theft systems from compromising vehicle availability and safety.

We examine the electric vehicle (EV) charging communication vulnerabilities revealed at the recent DEF CON 33, highlighting their mitigations and broader industry impacts.

We examine the vulnerabilities discovered in an EV charger during Pwn2Own Automotive to reveal where EVSE cybersecurity standards fall short and why stronger, unified measures are critical for securing the charging infrastructure.

Euro 7 links emissions integrity to cybersecurity. In this blog, we show how a differentiated, tiered TARA provides a practical path to compliance with Euro 7’s anti-tampering mandates through minimal updates to existing UN R155 frameworks.

VicOne and the American Center for Mobility (ACM) examine the evolving threat landscape of electric vehicle supply equipment (EVSE) and outline strategies to secure the grid edge.

This blog explores how RAMN, especially when paired with the CARLA simulator, enables secure, hands-on experimentation and simulation in automotive embedded systems and cybersecurity research.

VicOne shares key insights from its Q3 2025 Situational Awareness Report on cybersecurity in the automotive, transportation, and logistics sectors.

We examine one of the challenges at the SPIRITCYBER Automotive CTF 2025, where a simulated CAN injection attack exposes security gaps in modern connected vehicles.

Pwn2Own Automotive returns to Tokyo in January 2026 for its third edition. Discover the rules, targets, and what’s new in the world’s largest automotive-focused ethical hacking contest.