Carnegie Mellon's Hacking Team Wins Fourth Straight, Record Ninth Overall DEF CON Capture-the-Flag Title
Carnegie Mellon's hacking team wins fourth straight, record ninth overall DEF CON Capture-the-Flag title
PPP joined forces with CMU alumnus and University of British Columbia Professor Robert Xiao's team, Maple Bacon, and hackers from CMU Alum startup Theori.io (The Duck), playing under the name Maple Mallard Magistrates (MMM).
DEF CON's three-day flagship competition, widely considered the 'Olympics' of hacking, brought together some of the world's most talented cybersecurity professionals, researchers, and students, as 12 of the world's top teams (who qualified from a field of more than 2,300 teams) attempted to break each other's systems, stealing virtual flags and accumulating points while simultaneously protecting their own systems.
As the number of cybersecurity attacks continues to increase worldwide, competitions like DEF CON's Capture-the-Flag provide the opportunity for leading cybersecurity engineers to measure up against one another, learning and developing new techniques as they work through various challenges.
Carnegie Mellon students, faculty, and alumni took an early lead in the competition but faced some adversity during the LiveCTF portion of the event, which narrowed the gap in the race to the top of the leaderboard heading into Sunday. The team ultimately rebounded to pull away from its closest challengers in the competition's final hours and secure the victory. For the win, MMM earned eight black badges, the most elite recognition in hacking.
'DEF CON CTF involves a lot of teamwork and communication,' said Erye Hernandez, PPP team member and alumna of Carnegie Mellon's Information Networking Institute (INI). 'Many of our veteran players have known each other for a long time, and it's great having that camaraderie, trust, and ability to depend on each other when it comes to this type of competition.'
PPP was first formed in 2009 and began competing at DEF CON in 2010. The team's previous wins came in 2013, 2014, 2016, 2017, 2019, 2022, 2023, and 2024, with second-place finishes in 2015, 2018, 2020, and 2021. The team runs and competes in several cybersecurity competitions each year and recently won its fourth straight title at the MITRE embedded Capture-the-Flag event (eCTF).
'This was not my first attack/defense CTF, but coming into the DEF CON CTF Finals for the first time was an entirely different world for me,' said Rohil Chaudhry (MS'25), a recent INI graduate. 'The stakes are high, and I had a lot of fun experiencing the sheer pace with which the competitors work and learning new and interesting things from everyone on the team.'
Members of PPP contribute as problem writers to Carnegie Mellon University's annual student-focused hacking competition, picoCTF, developing challenges of varying levels of complexity. picoCTF has long been the go-to CTF for middle and high school students looking to build and hone their cybersecurity skills, and in recent years has expanded to include an undergraduate leaderboard, as well as several country and continent-specific leaderboards.
Home to the CyLab Security and Privacy Institute, U.S. News and World Report's top-ranked undergraduate cybersecurity program, and several world-class graduate programs and courses, Carnegie Mellon University continues to lead the way in cybersecurity education and research.
About the College of Engineering:
The College of Engineering at Carnegie Mellon University is a top-ranked engineering college known for its Advanced Collaboration culture in research and education. The College is well-known for working on problems of both scientific and practical importance. Our 'maker' culture is ingrained in all that we do, leading to novel approaches and transformative results. Our acclaimed faculty have a focus on innovation management and engineering to yield transformative results that will drive the intellectual and economic vitality of our community, nation, and world.
About Carnegie Mellon University: Carnegie Mellon, cmu.edu, is a private, internationally ranked research university with acclaimed programs spanning the sciences, engineering, technology, business, public policy, humanities, and the arts. Our diverse community of scholars, researchers, creators, and innovators is driven to make real-world impacts that benefit people across the globe. With a bold, interdisciplinary, and entrepreneurial approach, we do the work that matters.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Washington Post
8 hours ago
- Washington Post
How tree huggers and dragon slayers could recharge a vital industry
Harry Krejsa, director of studies at the Carnegie Mellon Institute for Strategy & Technology, formerly led counter-China cyber and technology strategy in the White House and Defense Department. Sarah Hipel is former chief technology officer for the Joint Office of Energy and Transportation.
Yahoo
a day ago
- Yahoo
Qualys (QLYS) Wins Two Pwnie Awards at DEF CON for Groundbreaking OpenSSH Vulnerability Research
Qualys, Inc. (NASDAQ:QLYS) is one of the Qualys, Inc. (NASDAQ:QLYS) is one of the best midcap AI stocks to buy right now. On August 12, 2025, Qualys announced that its Threat Research Unit (TRU) received two Pwnie Awards at the DEF CON cybersecurity conference for its groundbreaking work uncovering critical OpenSSH vulnerabilities. The awards, 'Epic Achievement' and 'Best Remote Code Execution (RCE)', recognized Qualys for identifying CVE-2024-6387, the first pre-authentication RCE in OpenSSH in nearly two decades, and CVE-2025-26465, a man-in-the-middle attack affecting FreeBSD clients. The wins cement Qualys' status as a major player in vulnerability research. welcomia/ Alongside its ongoing threat research, Qualys expanded coverage within its Enterprise TruRisk Platform on August 12, 2025, issuing new vulnerability checks tied to Microsoft's latest Patch Tuesday update. While the company did not publish a formal press release, its research portal listed 98 vulnerabilities across 12 Microsoft security bulletins, with immediate support deployed for customer environments. The update underscores Qualys' operational emphasis on rapid detection and remediation, reinforcing its reputation for delivering same-day protections aligned with major vendor disclosures. Qualys is a U.S.-based provider of cloud-native IT, security, and compliance solutions. Its platform is used by global enterprises to manage vulnerabilities, ensure policy compliance, protect against threats, and inventory digital assets across hybrid environments. While we acknowledge the potential of QLYS as an investment, we believe certain AI stocks offer greater upside potential and carry less downside risk. If you're looking for an extremely undervalued AI stock that also stands to benefit significantly from Trump-era tariffs and the onshoring trend, see our free report on the best short-term AI stock. READ NEXT: and . Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
New York Post
a day ago
- New York Post
Want to beat the next big Coinbase listing? Here's how savvy traders do it
The New York Post may receive revenue from affiliate/advertising partnerships for sharing this content and/or if you click or make a purchase. Every time Coinbase adds a new coin to its platform, the crypto world pays attention — and so do the markets. For investors trying to identify the next breakout asset, a Coinbase listing can serve as both a credibility stamp and a catalyst for price movement. But if you're only watching the official announcement pages, you're probably already too late. That's where tools like Best Wallet come in. The non-custodial app has become a go-to for crypto users looking to track potential listings, monitor token momentum, and stay ahead of the news cycle. With features like real-time price alerts, scam filters, and an integrated token scanner, Best Wallet doesn't just react to trends — it helps you see them forming. Advertisement Coinbase is the largest U.S. crypto exchange and among the most widely used worldwide. REUTERS So how does Coinbase decide what to list, and how can everyday investors get ahead of the curve? Download Best Wallet from App Store or Google Play (no KYC needed). Open the Trending Tokens or Launchpad section to see coins gaining exchange momentum. Tap any token for in-depth research: whitepaper, team, tokenomics, hype metrics, recent exchange listings, and smart contract security. Set up custom notifications for listing announcements or sudden volume surges. Store and track the new coin in your secure, private portfolio. Advertisement Coinbase is the largest U.S.-based crypto exchange and one of the most widely used platforms globally. For many investors, it serves as a 'safe zone' — a vetted space in a market still largely unregulated. That kind of gatekeeping power has spawned what many call the 'Coinbase Effect.' Assets that land on the platform often see immediate price action. A 2021 report by crypto research firm Messari found that coins listed on Coinbase gained an average of 91% over the five days after announcement — although that number drops to 29% when you remove extreme outliers. Still, that kind of volatility cuts both ways. While some coins skyrocket, others drop. Best Wallet helps users navigate this by providing curated insights and customizable watchlists so you're not just blindly buying into the hype. Coinbase doesn't release long lists of upcoming listings — and for good reason. Most additions are kept under wraps until the company is ready to make them public. That said, there are breadcrumbs worth following. Advertisement Trading volume, trends, community demand and presale momentum can help determine contenders for upcoming listings. Zinsmute – 'The short answer is no. You can certainly base some clues in partnerships being pursued or marketing activity associated with certain tokens,' said Alex Beene, a financial literacy instructor at the University of Tennessee at Martin. 'For the most part, listings are kept confidential.' Julia Cartwright, senior fellow at the American Institute for Economic Research, echoed that warning. 'The official channels are the most accurate. Of course there is a lot of online speculation but that is not reliable.' Advertisement Coinbase advises investors to monitor its X accounts — @Coinbase and @CoinbaseAssets — along with its blog and Exchange Status page. But for those who don't want to bounce between browser tabs and Twitter threads, Best Wallet streamlines that process. The app's token discovery dashboard aggregates these signals — and more — into one place. Sites like Coinspeaker and 99Bitcoins have published lists of tokens they believe could be next in line for Coinbase. Some of the recent names include: Best Wallet Token Bitcoin Hyper TOKEN6900 Snorter Bot Kaspa Toncoin Bittensor Jupiter Exchange World Liberty Financial But again, headlines move fast. Best Wallet lets users add these tokens to custom watchlists and enables smart alerts for price movements, wallet-holder surges, and sentiment shifts — all in real time. Coinbase posts about new listings on its social media accounts. REUTERS Coinbase says it 'adheres to thorough processes and standards for all asset listings.' This includes evaluation by the Digital Asset Support Group (DASG), also known as the Digital Asset Listing Group, which reviews legal, compliance, and security metrics before approving a token. 'Exchanges generally are not in the business of deciding whether an investment is good or not…there needs to be some standards that it's not an outright fraud,' said Dave Weisberger, co-founder of CoinRoutes. Advertisement 'The reason they [Coinbase] seem more authoritative is because their chief legal officer…has always insisted that it be a defendable process and I think they've done a pretty good job with it.' 'Look at the whitepaper, the team involved, its use case, and its economics,' Cartwright said. 'The crypto market can be highly emotional, with prices swinging wildly. It's easy to get caught up in the hype, but making decisions based on fear or FOMO often leads to poor outcomes.' Best Wallet makes this easier by flagging potential scams, analyzing token metrics, and allowing users to scan for early wallet-holder growth — a metric often associated with momentum ahead of a listing. Coinbase said it 'adheres to thorough processes and standards for all asset listings.' Galeno – Advertisement Here's a surprise: It doesn't. Coinbase says it does not charge listing, application, or prerequisite marketing fees. The platform emphasizes a level playing field and prioritizes compliance over commercial advantage. For crypto teams looking to be considered, Coinbase offers a submission portal called Asset Hub. If an asset passes an initial screening, the DASG might request further due diligence. A Coinbase listing can boost a token's visibility and value — but by the time most people see the news, it's already old. Advertisement Best Wallet users aren't waiting around. They're tracking pre-listing chatter, monitoring whale wallets, and flagging sudden volume spikes — all within a single app. In a market where minutes matter, Best Wallet offers something no X thread or press release can: a head start.
