VicOne Presents Relevant Zero-Day Threats and Promotes Industrywide Cyber Vigilance at 2025 Auto-ISAC Europe Summit

VicOne Presents Relevant Zero-Day Threats and Promotes Industrywide Cyber Vigilance at 2025 Auto-ISAC Europe Cybersecurity Summit

Driving Collective Intelligence: Why Zero-Day Discovery and Industry Collaboration Matter in Advancing Automotive Cybersecurity

Munich/Gothenburg — VicOne, a leading provider of cybersecurity solutions for the automotive industry, together with the Automotive Information Sharing and Analysis Center (Auto-ISAC), presented breach-related zero-day vulnerabilities at the 2025 Auto-ISAC Europe Cybersecurity Summit in Gothenburg, Sweden. The early discovery of these previously undiscovered or unreported vehicle security vulnerabilities — and their subsequent remediation — will help the entire automotive industry lay a foundation for the future cybersecurity of its vehicles and accessories by strengthening protective measures and promoting the prevention of cyberattacks. 

The European summit (May 6 – 8, 2025), which was held for the third time, presented insights and practical examples from manufacturers, suppliers, thought leaders, legislators, practitioners, and other stakeholders on the topic of cybersecurity in the automotive industry in line with its motto “Building Resilience Together.” This enabled a trusting exchange of ideas with each other in order to jointly improve cybersecurity for the ecosystem of connected vehicles and ensure the mobility of the future.

As an introduction to the topic of zero-day vulnerabilities, Karl Schlauch, Principal Cybersecurity – Threat Researcher at VicOne, gave a presentation on “Dissection of Recent API Attacks and Lessons Learned” on the first day of the conference. Further cybersecurity vulnerabilities and their impact on the entire automotive industry were then presented on the second day in a panel discussion on “Shared Vigilance: Why Zero-Day Discovery and Collaboration Matter in Automotive Threat Intelligence,” which was moderated by William Dalton, Vice President and Managing Director, VicOne North America and Europe, and featured top-class speakers.

The cyber vulnerabilities presented were primarily based on the results of VicOne’s largest global white hacking contest, Pwn2Own Automotive 2025, which took place at Automotive World in Tokyo in January 2025 and where high-profile security researchers from 13 countries uncovered 49 unique zero-day vulnerabilities, mainly affecting in-vehicle infotainment (IVI) and electric vehicle (EV) charging systems. The zero-day vulnerabilities discovered during the contest have been reported to the affected automotive vendors or suppliers, who have taken steps to fix them and develop countermeasures.

As AI and software-defined vehicles (SDVs) transform mobility, they also widen the attack surface, turning cybersecurity vulnerabilities into industry disruptors. The surge in sophisticated threats exposes an urgent truth: No automaker, supplier, or vendor can face this challenge alone. It’s time to move beyond isolated defenses and embrace collective threat intelligence sharing — not just for protection, but as a competitive edge in securing the future of mobility. The panel discussion highlighted that the discovery of previously unknown cybersecurity vulnerabilities is an essential part of proactive threat analysis in an increasingly software-driven landscape. This is not a one-off effort, but a shared responsibility between all stakeholders in the automotive industry.

Collaboration is key to ensuring a secure future for connected and software-defined vehicles. VicOne is leading this shift, bringing deep expertise and actionable intelligence through collaboration with industry leaders. For example, VicOne’s partnerships with Trend Zero Day Initiative™ (ZDI) for Pwn2Own Automotive set a precedent for industrywide cooperation — raising awareness and driving proactive zero-day discovery, disclosure, and response.

“In an era where vehicles are as connected as their drivers, cybersecurity is a shared responsibility. At Auto-ISAC Europe, our guiding principle of strengthening resilience together means promoting a culture of trust, transparency and collaboration across the entire automotive industry. Because in this interconnected world, an attack on one is an attack on all. Only when car manufacturers, suppliers, and cybersecurity service providers like VicOne work together and share vulnerabilities early on can we shape the resilient and secure future that connected mobility requires,” said Dr. Martin Emele, European Director (EuD), Automotive ISAC Europe.

Max Cheng, CEO of VicOne, explains: “Due to the global proliferation of connected vehicles, the cybersecurity threat in the automotive industry is rapidly increasing. This applies to various components and systems of connected vehicles, including infotainment dashboards, operating systems and electric vehicle (EV) chargers. So we ask: With threats rising, can we afford to wait for the next attack before uniting through shared intelligence? What if collaboration is not just defense, but the key to securing the future of connected mobility? One of the principles of maintaining cybersecurity in the automotive industry is to identify and eliminate digital threats and previously unknown cyber vulnerabilities before a vehicle is released to the market. This conference provides the perfect opportunity to jointly discuss and collaborate on these improvements. We would like to thank the industry organization Auto-ISAC for hosting this global gathering of experts and look forward to the next event in Washington next September.”

The panel of experts, moderated by William Dalton, was made up of prominent speakers:

• Magnus Eek, Chief Product Security Officer, Volvo Cars
• Sina Kheirkhah, Researcher of the Summoning Team and “Master of Pwn” of the white hacking event Pwn2Own Automotive 2025
• Josh Poster, Director of Intelligence & Analysis at Auto-ISAC

More about the 2025 Auto-ISAC Europe Cybersecurity Summit and the detailed program can be found here.

About VicOne

With a vision to secure the vehicles of tomorrow, VicOne delivers a broad portfolio of cybersecurity software and services for the automotive industry. Purpose-built to address the rigorous needs of automotive manufacturers, VicOne solutions are designed to secure and scale with the specialized demands of the modern vehicle. As a Trend Micro subsidiary, VicOne is powered by a solid foundation in cybersecurity drawn from Trend Micro's 30+ years in the industry, delivering unparalleled automotive protection and deep security insights that enable our customers to build secure as well as smart vehicles. For more information, visit VicOne.com.