Cybersecurity Headlines Tesla hacked at Pwn2Own Automotive, Everest sitting on Under Armour data? PurpleBravo fake jobs campaign targets IP addresses
9 snips
Jan 22, 2026 In a cybersecurity showdown at Pwn2Own, teams showcased 37 zero-day exploits targeting electric vehicle systems, with Synactive successfully hacking Tesla's infotainment. Allegations arise that Everest has stolen and leaked 72.7 million Under Armour accounts. Additionally, the North Korean group Purple Bravo is using fake job interviews to target specific IPs. Meanwhile, phishing threats proliferate ahead of the Milano Cortina Olympics, and a phishing scam linked to LastPass aims to capture master passwords.
AI Snips
Chapters
Transcript
Episode notes
Vehicle Ecosystems Are Attack Magnets
- Pwn2Own Automotive researchers demonstrated 37 zero-day exploits across EV chargers and infotainment systems.
- The event highlights how connected vehicle ecosystems are large, diverse, and actively targeted by security researchers and attackers.
Tesla Infotainment Rooted In Contest
- Synactive chained flaws to gain root access to Tesla's infotainment system during Pwn2Own.
- Teams also compromised chargers from multiple vendors showing practical, real-world exploit chains.
Ransomware Groups Keep Low Profiles
- Everest allegedly posted data from 72.7 million Under Armour accounts including personal details and purchase history.
- The group's long-term low-profile double-extortion tactics underline risks of data resale and insider recruitment.