Black Hat Asia 2025 returned to Singapore with a dynamic mix of technical depth, real-world impact, and plenty of sobering insights about the evolving cybersecurity landscape. Across two packed days, experts from around the globe tackled threats old and new, offering live demonstrations, original research, and thought-provoking commentary on the increasingly blurred lines between digital, physical, and even quantum attack surfaces.
The event opened with a keynote from Edward Chen, Deputy Chief Executive of the Cyber Security Agency of Singapore, who laid out a pragmatic view of national cybersecurity readiness. While artificial intelligence now dominates conversations about threat evolution, Chen reminded attendees that ransomware, scams, and APTs remain persistent fixtures. His briefing on Singapore’s coordinated cyber defense strategy—spanning government, industry, and society—set a tone that would echo throughout the conference: cybersecurity is not just about the latest tool or exploit, but about collaborative, adaptive resilience.
The following day, attention turned to the hardware realm in a keynote by Bunnie Huang, founder of Bunnie Studios. Diving into the global hardware supply chain, Huang presented a candid look at the challenges of establishing trust in devices with components that often originate from opaque and fragmented ecosystems. His experience navigating this terrain illuminated key differences between software and hardware security, reminding the audience that threats often lurk far beneath the surface—sometimes etched right into the silicon.
That theme of hidden threats continued in one of the most interesting sessions, as automotive cybersecurity appears to have been a very prevalent theme throughout the conference, starting with “Drive-Thru Car Hacking.” A team of researchers demonstrated how common dashcams could be weaponized to exfiltrate private data in minutes during everyday drive-through encounters. Using a novel, automated attack method, they showed how poorly secured devices could leak audio, location data, and even video recordings, emphasizing how consumer technology—when rushed to market without security in mind—can become a liability instead of an asset.
Virtual infrastructure took a hit in a detailed technical presentation from researchers at QI-ANXIN, who revealed four critical vulnerabilities in VMware’s vCenter Server. Through a mix of heap overflow and privilege escalation bugs in the DCERPC service, the team demonstrated remote root access to vCenter and, ultimately, control over ESXi environments. Their successful exploit chain offered a rare look at how low-level memory manipulation, when combined with persistence and precision, can compromise some of the most trusted virtualization platforms in enterprise IT.
Quantum computing had its moment in the spotlight with the introduction of ObfusQate, a new tool designed to obfuscate quantum programs. Developed by the Singapore Institute of Technology and Fraunhofer Singapore, ObfusQate leverages both circuit-level and control-flow obfuscation techniques to prevent reverse engineering of quantum algorithms. While the tool offers defensive utility in protecting intellectual property, its dual-use nature also raised eyebrows, since it can be used to conceal malicious code in otherwise legitimate quantum software. A live demo showed how the tool could evade LLM-based detection, drawing attention to the arms race already unfolding in this emerging domain.
AI security was a recurring thread throughout the event, particularly in the session “Tinker Tailor LLM Spy,” led by Airbnb’s Allyn Stott. With companies increasingly deploying generative AI chatbots, Stott walked attendees through what happens when those systems go off script—leaking sensitive data, responding inappropriately, or worse. His practical playbook for incident response in LLM environments bridged the gap between traditional security operations and the chaotic world of prompt injection, hallucinations, and unpredictable machine logic.
In another standout session on automotive cybersecurity, researchers from 360 Vulnerability Research Institute and SigVoid demonstrated remote exploitation of an infotainment system using man-in-the-middle vulnerabilities. Their blackbox testing of a high-selling Chinese automaker’s vehicles over three years revealed not just technical flaws, but also the evolving arms race between car manufacturers and attackers. The live demo underscored how complex, interconnected systems, especially in the automotive space, require vigilance and external validation.
The mobile ecosystem didn’t escape scrutiny, either. A research team from Graz University of Technology showcased USB-based file access attacks on locked Android and iOS devices, revealing vulnerabilities that allowed full read-write access without user confirmation. The attack method—disguised as a simple charging connection—demonstrated how physical interfaces continue to present serious risks, even in devices marketed as highly secure.
Physical access control was also put under the microscope. Julia Zduńczyk of Securing offered a tour of bypass techniques for RFID systems, including attacks against the Wiegand protocol and denial-of-service strategies against readers. Her real-world red teaming examples brought a practical edge to discussions about hardware and infrastructure security, illustrating how physical and cyber boundaries often overlap in modern security engagements.
One of the more dramatic sessions came late in the conference, when researchers from PCAutomotive detailed a multi-stage attack on a 2020 Nissan Leaf. By exploiting Bluetooth vulnerabilities, bypassing secure boot, and ultimately establishing a DNS-based command-and-control channel, they achieved persistent remote access to the vehicle’s CAN bus. With this access, they demonstrated control over systems ranging from wipers and mirrors to door locks and steering. The talk was a sobering conclusion to a conference that repeatedly emphasized how connectivity, while convenient, can open dangerous doors if not rigorously secured.
Black Hat Asia 2025 delivered more than just a collection of briefings: it offered a clear-eyed view of where cybersecurity stands today and where it’s headed. From AI and quantum computing to embedded systems and mobile threats, the event captured the breadth of challenges defenders face in a world where technology evolves faster than policy, oversight, or user awareness. It also highlighted the essential role of independent research, cross-industry collaboration, and continuous education in staying ahead. For attendees, the message was unmistakable: in cybersecurity, there is no neutral gear—you’re either adapting or being outpaced.