"pwned in 60 seconds" is a hugely misleading statement. Every time there's a hacking competition you see "Chrome, Firefox, IE fall in seconds" - ignoring the weeks or months that it takes to find the vulnerabilities and develop exploits for them.
It's not misleading, the issue is that your actual phone could be actually compromised in 60 seconds time, not some giant period of guessing and trying or cracking a complicated crypto scheme. The research time isn't material to the severity of the threat at the time of attack.
The vast majority of exploits of that nature take less than 60 seconds. It is nothing at all interesting or special or rare that it took < 60 seconds. Just clickbait, like every year when pwn2own rolls around.
