The cybersecurity world is abuzz following an unprecedented announcement from Trend Micro’s Zero Day Initiative (ZDI) for the upcoming Pwn2Own Ireland 2025 competition. In a move that highlights the critical importance of securing global messaging platforms, ZDI has announced a record-breaking $1 million bounty for a successful 0-click Remote Code Execution (RCE) exploit targeting WhatsApp. Co-sponsored by Meta, this massive payout is the largest single prize in the contest’s history.
The Pwn2Own competition, a premier event for ethical hackers, challenges researchers to find and exploit vulnerabilities in widely used software and hardware. The “0-click RCE” exploit is a highly sought-after and dangerous type of vulnerability. As the name suggests, it allows an attacker to take over a device without any user interaction. This means the victim doesn’t need to open a malicious link, download a file, or perform any action; simply receiving a crafted message could be enough to compromise their device. This makes 0-click exploits extremely valuable to both security researchers and malicious actors, including nation-state groups and sophisticated cybercriminals.
Meta, the parent company of WhatsApp, is co-sponsoring the event, demonstrating a proactive approach to security research. This significant investment in the bounty program reflects the company’s commitment to fortifying the security of WhatsApp, a platform with over three billion users globally. The substantial increase from last year’s $300,000 prize for a similar exploit shows the heightened focus on this particularly insidious class of vulnerability.
The messaging category at Pwn2Own Ireland 2025 will feature various reward tiers. While a successful 0-click RCE exploit will earn the top prize of $1 million, other vulnerabilities, such as those requiring minimal user interaction or top to privilege escalation, will also be rewarded with significant payouts. This tiered approach encourages a complete exploration of WhatsApp’s security, from its core functions to its ancillary features.
Pwn2Own Ireland 2025 is scheduled to take place in Cork from October 21-24. In addition to the headline-grabbing WhatsApp challenge, the competition will feature eight other categories, including exploits for mobile phones like the iPhone 16 Pro and Samsung Galaxy S24, as well as targets like smart home devices, printers, and network-attached storage systems. The competition’s record-setting prize for the WhatsApp exploit is a testament to the ever-escalating stakes in the world of cybersecurity, pushing top researchers to uncover the most critical vulnerabilities before they can be exploited in the wild.
![Online Scam Cases Continue to Rise Despite Crackdowns on Foreign Fraud Networks [Myanmar]](https://sumtrix.com/wp-content/uploads/2025/06/30-12-120x86.jpg "Online Scam Cases Continue to Rise Despite Crackdowns on Foreign Fraud Networks [Myanmar]")
