CHINA’S Tianfu Cup hacking contest returned in 2026 and is now overseen by the government, with the event framed by increased transparency concerns. The competition took place January 29-30, and the MPS announced the Tianfu Cup on January 16, with a subsequent post on the event’s X account that was soon removed.
Natto Thoughts notes that the website went offline to visitors outside China after the event, and that the prize pool was set at CN¥ 1 million (about $140,000), far smaller than the sums seen in previous years. The rules and targets are reported to have changed significantly, with new tracks including AI-assisted vulnerability identification and a track focused on reproducing exploits for known vulnerabilities.
The Natto Thoughts analysis suggests the central role of the MPS and a tendency toward secrecy and retention of vulnerabilities, rather than vendor coordination or disclosure, and claims that exploits from Tianfu Cup are often linked to Chinese state activity.