Ethical Hacking News
Meta is offering up to $1 million in bounties for WhatsApp exploits at Pwn2Own Ireland 2025, with the goal of incentivizing security researchers to discover and report vulnerabilities in the popular messaging app.
Meta is offering a $1 million bounty for exploits that target WhatsApp as part of Pwn2Own Ireland 2025. The competition will take place from October 21 to 24, 2025, in Cork, Ireland. Participants can earn up to $500,000 for a one-click WhatsApp remote code execution exploit and up to $150,000 for a zero-click account takeover exploit. Pwn2Own Ireland 2025 features eight categories: Mobile Phones, Messaging Category, SOHO Smashup, Smart Home Devices, Printers, NAS Devices, Surveillance System Devices, and Wearables. The event aims to improve the security posture of Meta's users by incentivizing security researchers to discover vulnerabilities in WhatsApp and other devices.
Meta, a leading social media and technology company, has announced its participation in the upcoming Pwn2Own Ireland 2025 hacking competition. As part of this event, Meta is offering a substantial bounty of up to $1 million for exploits that target WhatsApp, with the goal of incentivizing security researchers to discover and report vulnerabilities in the popular messaging app.
The Pwn2Own Ireland 2025 competition, organized by Trend Micro's Zero Day Initiative, will take place from October 21 to 24, 2025, in Cork, Ireland. This event brings together some of the world's top hackers and security researchers who will attempt to find and exploit vulnerabilities in various devices and applications, with a focus on mobile phones, messaging apps, smart home devices, and wearables.
The $1 million bounty offered by Meta is specifically directed towards WhatsApp exploits that allow attackers to achieve remote code execution with no user interaction. This type of exploitation is considered highly sensitive and can have significant security implications for users. The bounty structure is as follows: participants can earn up to $500,000 for a one-click WhatsApp remote code execution exploit, while a zero-click account takeover exploit could fetch up to $150,000.
In addition to the bounty on WhatsApp, Meta has also introduced new USB attack vectors in the mobile category, which will provide additional opportunities for researchers to discover vulnerabilities. The SOHO Smashup category, which was previously introduced last year, is also returning with added difficulty. This category highlights the risk of exploiting consumer routers for lateral movement, as remote work and WFH continue to shift enterprise perimeters to home networks.
Pwn2Own Ireland 2025 will feature eight distinct categories: Mobile Phones, Messaging Category, SOHO Smashup, Smart Home Devices, Printers, NAS Devices, Surveillance System Devices, and Wearables. The competition is open to participants from around the world who are interested in discovering and reporting security vulnerabilities.
The event builds upon the success of Pwn2Own Ireland 2024, where participants earned a total of $1,066,625 for over 70 new vulnerabilities. This year's competition promises to be just as exciting, with a larger pool of potential targets and a greater emphasis on mobile and messaging app security.
In light of the increasing threat landscape and the growing importance of secure communication apps like WhatsApp, Meta's participation in Pwn2Own Ireland 2025 is seen as a proactive step towards enhancing the overall security posture of its users. By incentivizing security researchers to discover vulnerabilities and report them, Meta aims to improve the resilience of its platform and protect its users from potential threats.
As the cybersecurity landscape continues to evolve, events like Pwn2Own Ireland 2025 will play an increasingly important role in shaping the future of online security. With Meta's substantial bounty on the line, this competition is likely to draw in some of the world's top hackers and researchers, who will compete to find the most creative and effective ways to exploit vulnerabilities in WhatsApp and other devices.
In conclusion, Meta's $1 million bounty for WhatsApp exploits at Pwn2Own Ireland 2025 marks an exciting development in the ongoing effort to improve online security. By providing a substantial incentive for security researchers to discover vulnerabilities and report them, Meta aims to enhance the resilience of its platform and protect its users from potential threats.
Related Information:
https://www.ethicalhackingnews.com/articles/Meta-Unveils-1-Million-Bounty-for-WhatsApp-Exploits-at-Pwn2Own-Ireland-2025-ehn.shtml
https://securityaffairs.com/180668/hacking/meta-offers-1m-bounty-at-pwn2own-ireland-2025-for-whatsapp-exploits.html
Published: Fri Aug 1 11:54:58 2025 by llama3.2 3B Q4_K_M
