China’s Tianfu Cup hacking contest made its return in 2026, now overseen by the government and marked by limited transparency.
Tianfu Cup was launched as an alternative to the Zero Day Initiative’s Pwn2Own competition, which regularly pays out more than $1 million to white hat hackers who demonstrate critical vulnerabilities in consumer and enterprise hardware and software, industrial control systems, and automotive products.
Tianfu Cup made headlines in 2021, when participants earned a total of $1.9 million for exploits targeting Windows, Ubuntu, iOS, Microsoft Exchange, Chrome, Safari, Adobe Reader, Asus routers, and various virtualization products.
The hacking competition took a break in 2022 and returned in 2023 with a focus on domestic products from companies such as Huawei, Xiaomi, Tencent, and Qihoo 360. Little information was provided about the results of the 2023 event.
After a two-year hiatus in 2024 and 2025, the Tianfu Cup returned in 2026, but again little information has been made public. The event took place January 29-30.
According to threat intelligence firm Natto Thoughts, the hacking competition is now organized by China’s Ministry of Public Security (MPS) and it appears to be even more secretive.
Eugenio Benincasa, an ETH Zurich cybersecurity researcher focusing on China, pointed out in a Natto Thoughts blog post that the MPS announced the Tianfu Cup on January 16. A few days later, a post announcing the event was also published on Tianfu Cup’s X account, but it was quickly removed.
A day later, the competition’s official website became inaccessible to visitors from outside of China, and after the event ended the website was completely taken offline.
Tianfu Cup targets
Natto Thoughts obtained the list of Tianfu Cup targets before the site was taken down. It included smartphones such as the iPhone 17, Xiaomi 14 Ultra, Honor Magic 7 Pro, Samsung Galaxy S24 Ultra, Google Pixel 9 Pro XL, Vivo X300, and Oppo Find X9 Pro.
A translation of the requirements for hacking these devices reads, “Ability to achieve remote code execution, sandbox escape, kernel privilege escalation, and local kernel privilege escalation on the competition device, thereby obtaining device privileges and data.”
In the operating systems category, hackers were invited to demonstrate exploits against Windows 11, Ubuntu, macOS, UOS, and KylinOS. The browsers category included Chrome, Edge, and Safari.
Targeted cloud and virtualization products included VMware ESXi, Oracle VirtualBox, ZStack Cloud, QEMU, and Docker Engine, with participants being asked to gain elevated privileges on the host system.
Hackers were also invited to fully compromise cybersecurity products from Hillstone Networks, Palo Alto Networks, and the Chinese firm Topsec.
The target list also included Microsoft Exchange Server and Coremail mail servers; WeChat, Feishu (Lark), Teams, Zoom, and DingTalk communication apps; and PostgreSQL, Dameng, TiDB, KingbaseES, GBase, and Redis databases.
Office applications such as Microsoft Office 365, WPS Office, Foxit PDF Editor, Adobe Acrobat Reader, Sogou, Weaver E-cology, Seeyon, and Yonyou YonBIP were also on the list.
Tianfu Cup 2026 also had an AI category that included Hugging Face, Ollama, OpenLLM, vLLM, Text Generation Inference (TGI), Dify, RagFlow, Coze Studio, LangChain, and ComfyUI, with the goal of achieving remote code execution in the default configuration.
New rules and smaller prizes
An industry insider with knowledge of the Tianfu Cup told SecurityWeek that “rules and targets have changed a lot” this year, but could not provide additional information.
Natto Thoughts noted that this year’s event featured a track in which participants used AI agents to identify vulnerabilities during the competition.
Another new track focused on reproducing exploits for known vulnerabilities.
While there appears to be no public information on individual rewards from this year’s competition, a press release from China’s MPS states a total prize pool of CN¥ 1 million (approximately $140,000), significantly smaller than five years ago.
The exploits will likely go to the Chinese government
Regulations implemented by China in 2021 require Chinese citizens who discover a zero-day vulnerability to report the details to the government and not disclose it to any third party outside the country.
One year later, Microsoft warned that Chinese nation-state threat actors had been leveraging the law to stockpile zero-days for their sophisticated attacks.
Evidence indicates that the exploits demonstrated at previous editions of the Tianfu Cup were used in cyberespionage operations by Chinese state-sponsored groups, and Natto Thoughts believes the vulnerabilities disclosed now will face a similar fate.
“The central role of the MPS in organizing the competition, combined with past episodes that raised long-standing suspicions and the absence of transparent [coordinated vulnerability disclosure] rules, suggests a system oriented toward vulnerability retention and state control rather than on vendor notification or coordinated disclosure,” the threat intel firm noted.
Related: $2.5 Million Offered at Upcoming ‘Matrix Cup’ Chinese Hacking Contest
Related: Singapore: Rootkits, Zero-Day Used in Chinese Attack on Major Telecom Firms
Related: Notepad++ Supply Chain Hack Conducted by China via Hosting Provider
