CYBERNEWSMEDIA Network:||
CYBERNEWSMEDIA
CYBERNEWSMEDIA

Cybersecurity News, Insights & Analysis

Latest
TrueConf Zero-Day Exploited in Asian Government Attacks
In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware
Critical ShareFile Flaws Lead to Unauthenticated RCE
Mobile Attack Surface Expands as Enterprises Lose Control
React2Shell Exploited in Large-Scale Credential Harvesting Campaign
AD · 970×250

Vulnerabilities

$1 Million Offered for WhatsApp Exploit at Pwn2Own Ireland 2025

Meta is sponsoring ZDI’s Pwn2Own hacking competition, where participants can earn big prizes for smartphone, WhatsApp and wearable device exploits. The post $1 Million Offered for WhatsApp Exploit at Pwn2Own Ireland 2025 appeared first on SecurityWeek.

Tianfu Cup hacking competition

Trend Micro’s Zero Day Initiative (ZDI) has announced the targets and prizes for the upcoming Pwn2Own hacking event, set to take place in Cork, Ireland, on October 21-24.

Meta is a sponsor of Pwn2Own Ireland 2025 and up to $1 million is being offered for a WhatsApp exploit that enables remote code execution with no user interaction.

In addition, a one-click WhatsApp remote code execution exploit can earn participants up to $500,000, while a zero-click account takeover exploit can be worth up to $150,000. 

Remote zero-click exploits that enable access to the microphone or video feed, or access to sensitive user data are worth up to $130,000. An exploit that enables access to user data is worth the same amount even if it requires one click.

At last year’s Pwn2Own Ireland hacking competition, a zero-click WhatsApp exploit was worth up to $300,000, but no one demonstrated such exploits. Meta and ZDI are significantly increasing the reward this year.

Pwn2Own participants can this year earn up to $300,000 for remote exploits targeting Pixel 9 and iPhone 16 smartphones. A remote Samsung Galaxy hack is worth $50,000. USB has also been introduced as an attack vector this year. 

Significant prizes are also being offered for exploits targeting Meta wearables, including Meta Ray-Ban smart glasses and the Meta Quest VR headset. Prizes range between $30,000 for jailbreaks and $150,000 for zero-click remote code execution.

Researchers can earn up to $100,000 in the SOHO Smashup category, where they need to compromise a networking device and then move laterally on the network to hack a smart speaker, NAS device, or camera.

Other categories include NAS, smart home devices (both categories with rewards of up to $50,000), surveillance systems (up to $30,000), and printers (up to $20,000). 

More than $1 million was paid out at Pwn2Own Ireland 2024 for exploits targeting smartphones, cameras, printers, NAS devices and smart speakers.

Related: Hackers Earn $886,000 at Pwn2Own Automotive 2025 for Charger, OS, Infotainment Exploits

Related: VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched

Related: WhatsApp Vulnerability Could Facilitate Remote Code Execution

Latest News

CYBERNEWSMEDIAPublisher