Meta Backs Pwn2Own Ireland 2025: $1 Million Prize for Zero-Click WhatsApp Hack Shakes Cybersecurity World

In a groundbreaking move, Meta is co-sponsoring the upcoming Pwn2Own Ireland 2025 hacking competition, promising massive rewards for hackers who can uncover critical vulnerabilities—especially in WhatsApp, smartphones, and wearable devices. This prestigious event, organized by Trend Micro’s Zero Day Initiative (ZDI), will take place from October 21 to 24 in Cork, Ireland. Security researchers and hackers worldwide are gearing up for the challenge, motivated by the jaw-dropping \$1 million prize Meta has set for a zero-click WhatsApp exploit enabling remote code execution without any user interaction.

Pwn2Own Ireland 2025 features eight competitive categories, each targeting different devices and attack vectors. Apart from the headline \$1 million bounty, participants can earn up to \$500,000 for a one-click WhatsApp remote code execution exploit, or \$150,000 for a zero-click account takeover. A notable addition this year is the return of the SOHO Smashup category, which challenges contestants to breach complex consumer routers used in home office setups, highlighting how remote work environments are becoming prime targets for cyberattacks. Compromising both router targets within 30 minutes in this category will net hackers \$100,000.

Wearable devices are also in the spotlight, with bounties reaching up to \$150,000 for zero-click remote code execution on Ray-Ban smart glasses and Meta Quest VR headsets. The event even rewards \$30,000 for “self-jailbreak” exploits on these wearables. These rewards reflect the growing importance and risk associated with emerging consumer tech and the sophisticated attacks they attract.

Last year’s Pwn2Own Ireland 2024 was a resounding success, with over 70 new vulnerabilities exposed and more than \$1 million awarded to participants. With Meta’s direct involvement and these record-breaking payouts, the 2025 event is set to push the boundaries of cybersecurity research even further.

What Undercode Say:

Meta’s sponsorship of Pwn2Own Ireland 2025 marks a critical milestone in the escalating cybersecurity arms race between tech giants and hackers. Offering \$1 million for a zero-click WhatsApp exploit signals just how seriously Meta takes the security of its messaging platform—a critical communication tool used by over two billion people worldwide. Zero-click exploits are particularly dangerous as they require no user interaction, making them nearly impossible to detect and prevent with conventional security measures.

The inclusion of multiple categories, from smartphones to wearables and home routers, reflects the expanding attack surface in today’s interconnected world. Work-from-home trends have transformed consumer routers from low-priority devices into valuable hacking targets that can be leveraged for lateral movement into enterprise networks. The SOHO Smashup category’s complexity illustrates this shift, pushing researchers to think beyond traditional endpoints.

Meta’s investment also underscores a broader industry trend: companies are increasingly collaborating with the hacker community to identify and patch vulnerabilities before they are exploited maliciously. Bug bounty competitions like Pwn2Own serve as a vital part of proactive defense, fostering innovation and discovery in security research. This public-private synergy enhances digital trust and protects billions of users from evolving threats.

However, this also paints a stark picture of the sophistication of modern cyber threats. The high payouts are an acknowledgment that attackers with advanced skills and zero-click capabilities could cause devastating damage if these vulnerabilities fall into the wrong hands. As such, events like Pwn2Own not only reward white-hat hackers but also provide crucial intelligence to harden defenses.

Looking forward, we can expect the lines between consumer and enterprise security to blur further. As wearables and IoT devices become everyday essentials, they will increasingly become the battlegrounds for cybersecurity. Meta’s commitment to this event sets a precedent for tech companies to invest heavily in securing the next generation of connected devices.

Fact Checker Results 🔍

✅ Meta has officially co-sponsored Pwn2Own Ireland 2025 and offered \$1 million for a zero-click WhatsApp remote code execution exploit.
✅ The event is organized by Trend Micro’s Zero Day Initiative and will be held in Cork, Ireland, from October 21 to 24.
❌ No evidence suggests payouts or categories have changed since last year’s announcement beyond what is publicly stated.

📊 Prediction

With Meta’s aggressive backing and the growing complexity of attack surfaces, Pwn2Own Ireland 2025 will likely reveal some of the most sophisticated zero-click exploits seen to date, especially targeting WhatsApp and wearable tech. This surge in vulnerability discoveries will accelerate patch deployments and force device manufacturers to bolster security protocols. In the long term, such high-stakes competitions will drive innovation in automated threat detection and zero-trust architectures, reshaping cybersecurity standards across the tech ecosystem. Expect industry-wide ripples that elevate not only defenses but also awareness of the fragile security of everyday devices.