Hitag2, a legacy key fob system, has long been known to carry security flaws. A recent demonstration showed that it could be cracked in under a minute. We break down how the attack works and why outdated encryption poses serious risks to modern vehicles.
We analyze the three-bug exploit chain demonstrated by security researchers against the Pioneer DMH-WT7600NEX IVI system at Pwn2Own Automotive 2024. We map it to the Automotive Threat Matrix and highlight industry best practices for mitigating similar exploits.
As EV fleets become more connected, cybersecurity is playing an increasingly critical role in ensuring long-term performance, compliance, and asset utilization. We explore the most pressing cyber risks facing modern fleets and present actionable strategies to help organizations keep their vehicles secure, operational, and productive.
As AI, EVs, and SDVs reshape the automotive industry, cyberthreats are evolving in tandem. Drawing from VicOne’s 2025 automotive cybersecurity report, this article offers key insights into the industry’s threat landscape and outlines the strategies automakers need to stay ahead.
Security researchers uncovered a vulnerability in Subaru’s in-vehicle infotainment (IVI) system admin panel, enabling unauthorized access to personal information, GPS records, and vehicle controls. We examine the findings and emphasize the need for automotive manufacturers to adopt a security-first approach throughout the vehicle lifecycle.
Effective attack path identification enables automotive manufacturers and suppliers to stay ahead in an increasingly complex threat landscape. Learn how VicOne xZETA combines AI and curated automotive threat intelligence to streamline product security risk assessment, minimize manual efforts, and deliver actionable insights.
In the first several weeks of 2025 alone, a surge of ransomware attacks hit the automotive industry. We examine recent cases and their broader implications for automotive cybersecurity.
AI smart cockpits are transforming the driving experience, but their reliance on AI also opens new attack surfaces. We explore how risks like data leaks and prompt injection threaten vehicle security — and what's needed to defend against them.
We discuss the two vulnerabilities discovered in the Phoenix Contact CHARX SEC-3100 EV charging controller at Pwn2Own Automotive 2024, highlighting their impact and possible mitigations.
As the automotive industry accelerates toward AI-driven, software-defined vehicles, the need for smarter, more efficient cybersecurity has never been greater. VicOne’s innovative xCarbon Edge AI transforms vehicles into proactive defenders, reducing costs, enhancing efficiency, and safeguarding drivers from emerging cyberthreats.
The final day of Pwn2Own Automotive 2025 saw eight unique zero-day vulnerabilities, bringing the total haul for the three-day event to 49. Finishing with 30.5 “Pwn points,” Sina Kheirkhah was crowned this year’s Master of Pwn.
Day two of Pwn2Own Automotive 2025 was a “Tesla EV charger kind of day,” with four Tesla Wall Connectors targeted. The day closed with an impressive haul of 23 unique zero-day vulnerabilities, surpassing the 16 uncovered on day one.
A total of 16 unique zero-day vulnerabilities were discovered on day one of Pwn2Own Automotive 2025, the world’s largest zero-day vulnerability discovery contest focused on connected cars and software-defined vehicles.