Cloud safety big Wiz has introduced a brand new hacking competitors the place contributors can earn vital rewards for demonstrating exploits towards extensively used cloud software program.
The competitors is called Zeroday.Cloud and it affords contributors a complete of $4.5 million in bug bounties. safety researchers should submit their entry by December 1 and they’re going to reveal their exploits dwell on stage on the Black Hat Europe convention happening December 10-11 in London.
Wiz has teamed up with AWS, Google Cloud and Microsoft for Zeroday.Cloud. It’s value noting that Google has introduced plans to amass Wiz for $32 billion.
The Zeroday.Cloud hacking competitors covers six classes. Considered one of them is AI, with contributors being provided most prizes ranging between $25,000 and $40,000 for hacking merchandise corresponding to Ollama, vLLM, and Nvidia Container Toolkit.
Within the Kubernetes and cloud native class, prizes vary between $10,000 and $80,000 for exploits concentrating on the Kubernetes API Server, Kubelet Server, Grafana, Prometheus, and Fluent Bit. The best reward is for Kubernetes API Server exploits.
The containers and virtualization class covers Docker, Containerd, and Linux Kernel, with prizes ranging between $30,000 and $60,000.
Within the net server class, contributors can earn as much as $300,000 for Nginx exploits, $100,000 for Tomcat exploits, and as much as $50,000 for Caddy and Envoy vulnerabilities.
Database hacks can even earn vital rewards — as much as $100,000 is being provided for unauthenticated distant code execution exploits concentrating on Redis, PostgreSQL, and MariaDB. Commercial. Scroll to proceed studying.
Vulnerabilities in DevOps and automation software program corresponding to Apache Airflow, Jenkins, and GitLab CE can earn Zeroday.Cloud contributors as much as $40,000.
“Submitted exploits ought to lead to complete compromise of the goal, which means a full Container/VM Escape for the Virtualization class, and a 0-click Distant Code Execution (RCE) vulnerability for different targets,” defined Nir Ohfeld, head of vulnerability analysis at Wiz.
Given the numerous prize pool and the standing of its backers, the cloud hacking competitors has a excessive chance of success. Nevertheless, it additionally seems to be dealing with some controversy.
Pattern Micro, whose Zero Day Initiative (ZDI) has been organizing the Pwn2Own hacking competitors for almost twenty years, has accused Wiz of copying some sections of its guidelines word-for-word.
Associated: $1 Million Provided for WhatsApp Exploit at Pwn2Own Eire 2025
Associated: VMware Flaws That Earned Hackers $340,000 at Pwn2Own Patched
Associated: Microsoft Gives $5 Million at Zero Day Quest Hacking Contest
