17.12.2025
2 min
418
The first hacking competition fully dedicated to cloud technologies has awarded security researchers $320,000 for demonstrating 11 critical zero-day vulnerabilities. Held in London, the Zeroday Cloud event exposed real-world risks affecting modern cloud infrastructure and proved that even core cloud components remain vulnerable.
Zeroday Cloud was organized by Wiz Research in partnership with Amazon Web Services, Microsoft, and Google Cloud. Across 13 hacking sessions, researchers successfully executed attacks in 85% of attempts, focusing on foundational elements of cloud environments.
On the first day, $200,000 was awarded for exploits targeting Redis, PostgreSQL, Grafana, and the Linux kernel. During the second day, an additional $120,000 was paid out for successful attacks against Redis, PostgreSQL, and MariaDB — databases commonly used to store credentials, secrets, and sensitive user data.
One of the most critical findings was a Linux kernel zero-day enabling container escape and breaking isolation between cloud tenants, undermining one of the core security guarantees of cloud computing. Researchers from Zellic and DEVCORE earned $40,000 for their successful exploits, while Team CCC received the highest single bounty payment. Team Xint Code was crowned the overall winner after exploiting Redis, MariaDB, and PostgreSQL, taking home $90,000.
Artificial intelligence was also in scope, with attempted attacks on vLLM and Ollama that could have exposed private AI models, datasets, and prompts. However, these attempts failed due to time constraints.
Despite the success, the $320,000 awarded represents only a small portion of the total $4.5 million prize pool. No successful exploits were recorded for Kubernetes, Docker, Jenkins, GitLab CE, Apache Airflow, or major web servers.
Zeroday Cloud clearly demonstrated that cloud security is an ongoing technical challenge rather than a theoretical concept. Even mature and widely deployed cloud components can contain critical vulnerabilities capable of breaking isolation and trust between tenants.
