During the event, security researchers who were in attendance managed to exploit Safari not just once, but twice, with one exploit being successfully taken advantage of within the competition’s 30-minute, 3 try guidelines, while the second exploit took four attempts. Regardless of the number of attempts, the fact that these exploits existed is the key takeaway.
One of the hacks involved overwriting the kernel and execute code that exploited the browser, while the other used a couple of Safari vulnerabilities to execute a sandbox escape. The successful researchers were awarded $65,000 and $55,000 respectively. However the good news is that naturally representatives for the companies were in attendance, including Apple.
They were also made aware of all security vulnerabilities that were discovered during the competition so that they can be patched in future software updates. It is unclear as to when these updates will be issued, but hopefully these exploits aren’t too severe where they might have disastrous consequences if exploited for real.