Particle.news

Download on the App Store

Pwn2Own Ireland 2025 Opens Registration With $1 Million Zero-Click WhatsApp Prize

Researchers have until October 16 to register for the Cork event where vendors must roll out patches within 90 days.

Image
Pwn2Own hacking competition
Image

Overview

  • The record $1 million top bounty incentivizes zero-click remote code execution hacks on WhatsApp, up from $300,000 at Pwn2Own Ireland 2024 when no submissions emerged.
  • Tiered WhatsApp rewards include $500,000 for one-click code execution, $150,000 for zero-click account takeover and $130,000 for zero-click microphone, camera or data-access exploits.
  • Expanded mobile targets encompass Google Pixel 9 and iPhone 16 for up to $300,000 per exploit and Samsung Galaxy devices for $50,000, with a new USB port attack vector supplementing traditional wireless methods.
  • Meta wearables such as Ray-Ban smart glasses and Quest VR headsets carry bounties between $30,000 for jailbreaks and $150,000 for zero-click remote code execution flaws.
  • Additional prizes cover SOHO network attacks (up to $100,000), NAS and smart-home device hacks (up to $50,000), surveillance systems (up to $30,000) and printers (up to $20,000) under the contest’s responsible-disclosure policy.