Hi there! Have you ever considered the notion of hacking — the ‘legal’ sort? There is a new competition called Zeroday Cloud which is offering $4.5 million in prizes to hackers who find bugs in cloud and AI software. Yes, $4.5 million to find bugs before the baddies do!
Does that sound intriguing to you? Let's find out more about this contest.
The contest is hosted by Wiz Research, with backers such as Microsoft, Google Cloud, and AWS. The contest will occur at Black Hat Europe London December 10-11, 2025.
Participants will exploit a number of well- known open-source tools, including:
The contest is conducted as follows:
1. You will register and have to verify your identity through HackerOne.
2. You may explore multiple tools during the event, but only one bug can be submitted per target.
3. The bug must show either full access or remote access; a remote access is known as a "zero-click exploit".
4. If you are selected as a finalist, you will be presenting the hacks live for judges from Wiz and the major cloud vendors.
5. And unfortunately, anyone located in a restricted country, such as China, Russia or Iran will not be eligible to participate.
Some are saying it looks a lot like Pwn2Own - another established hacking event. The organizers simply said they chose what they knew, since the model works.
It's good for you! The contest helps keep the internet secure for all of us. This is why it matters:
• It creates a legitimate way for ethical hackers to get paid for their work.
• It helps software companies working on cloud and AI technologies make attacks less successful.
• It is sponsored by many of the largest companies in technology including Microsoft and Google.
• It focuses on the development and testing of real tools used by thousands of companies in a realistic environment.
Besides, it is a nice prize, $4.5 million!
1. Keep in mind that you must be eligible to participate (check your country eligibility).
2. Register for HackerOne.
3. Determine which category you feel most familiar with - cloud, AI, or containers.
4. Simulate exploiting real world tools in a testing context before doing the same in an external context.
5. Get creative - great ideas will always win over brute force!
Even if you do not win money, you will learn a lot and develop skills that will be marketable.
This is a legal and fun way to apply your hacking skills for potential serious money and to help make the digital world more secure.
You never know! You may be the next hacker to be able to turn vulnerabilities into a lot of money!
Does that sound intriguing to you? Let's find out more about this contest.
What Is Zeroday Cloud?
Zeroday Cloud is a global hacking competition for security researcher hackers to hack zero-day bugs — new and unknown security vulnerabilities — in cloud and AI software.The contest is hosted by Wiz Research, with backers such as Microsoft, Google Cloud, and AWS. The contest will occur at Black Hat Europe London December 10-11, 2025.
Participants will exploit a number of well- known open-source tools, including:
- AI software like Ollama, vLLM, and Nvidia Container Toolkit
- Cloud and Kubernetes software, including Grafana and Prometheus, Kubelet
- Container software like Docker and Linux Kernel
- Web servers like Web servers (Nginx, Apache Tomcat)
- Databases such as (Redis, PostgreSQL)
- DevOps software such as GitLab CE and Jenkins
The contest is conducted as follows:
1. You will register and have to verify your identity through HackerOne.
2. You may explore multiple tools during the event, but only one bug can be submitted per target.
3. The bug must show either full access or remote access; a remote access is known as a "zero-click exploit".
4. If you are selected as a finalist, you will be presenting the hacks live for judges from Wiz and the major cloud vendors.
5. And unfortunately, anyone located in a restricted country, such as China, Russia or Iran will not be eligible to participate.
Some are saying it looks a lot like Pwn2Own - another established hacking event. The organizers simply said they chose what they knew, since the model works.
It's good for you! The contest helps keep the internet secure for all of us. This is why it matters:
• It creates a legitimate way for ethical hackers to get paid for their work.
• It helps software companies working on cloud and AI technologies make attacks less successful.
• It is sponsored by many of the largest companies in technology including Microsoft and Google.
• It focuses on the development and testing of real tools used by thousands of companies in a realistic environment.
Besides, it is a nice prize, $4.5 million!
Ways To Get Involved
If it sounds interesting, here is how to get involved:1. Keep in mind that you must be eligible to participate (check your country eligibility).
2. Register for HackerOne.
3. Determine which category you feel most familiar with - cloud, AI, or containers.
4. Simulate exploiting real world tools in a testing context before doing the same in an external context.
5. Get creative - great ideas will always win over brute force!
Even if you do not win money, you will learn a lot and develop skills that will be marketable.
Closing Remarks
In closing, Zeroday Cloud is risking up to $4.5 million to people that can find security vulnerabilities in cloud and AI systems. This is sponsored by many of the largest technology companies in the world and will take place in London in December.This is a legal and fun way to apply your hacking skills for potential serious money and to help make the digital world more secure.
You never know! You may be the next hacker to be able to turn vulnerabilities into a lot of money!
