$800K+ Up for Grabs: 12 AI Hacking Competitions That Could Launch Your Security Career
Surveying the best AI security competitions entering Q4 2025
The contemporary AI security competition scene boasts a combined prize pool of over $800,000, with events spanning from government-sponsored challenges to startup-led jailbreaking championships. Based on comprehensive research across academic institutions, industry leaders, and security communities, the following is a list of confirmed AI-focused Capture the Flag (CTF) competitions scheduled to take place during and after Q4 2025, organized by difficulty level.
Beginner/Easy Level Competitions
1. OWASP FinBot Agentic AI CTF (Ongoing Platform)
Organizer: OWASP GenAI Security Project
Dates: Continuously available
Format: Interactive "Juice Shop for Agentic AI" platform
Registration: Open access through the OWASP GenAI website
Focus Areas: Goal manipulation attacks in agentic AI systems, particularly in financial services contexts. Participants learn to identify and exploit vulnerabilities in AI agent decision-making processes.
Difficulty Indicators: Designed as an educational platform with progressive challenges, comprehensive documentation, and beginner-friendly interfaces. No advanced ML knowledge required.
Website: https://genai.owasp.org/resource/finbot-agentic-ai-capture-the-flag-ctf-application/
2. Hack The Box AI Prompt Injection Essentials (Ongoing)
Organizer: HackTheBox
Dates: Continuously available
Format: Self-paced challenge pack with structured learning path
Registration: HTB platform membership (free tier available)
Focus Areas: Fundamental prompt injection techniques, basic jailbreaking methods, and introductory LLM manipulation. Challenges cover OWASP Top 10 for LLMs with space-themed scenarios.
Difficulty Indicators: Entry-level challenges requiring basic Python and web interaction skills. Solutions are achievable through web interfaces and simple scripting.
Prerequisites: Basic programming knowledge, understanding of HTTP requests
Website: https://www.hackthebox.com/
Intermediate/Medium Level Competitions
3. Singapore AI CTF 2025
Organizer: GovTech's Cybersecurity Group (CSG) & Cyber Security Agency of Singapore
Dates: October 11-21, 2025
Preliminary Round: October 11, 8:00 AM - October 13, 8:00 AM SGT (48 hours virtual)
Finals: October 21, 12:30 PM - 4:30 PM SGT (Marina Bay Sands, physical)
Registration: Opens September 17, 2025 (contact: ctf@tech.gov.sg)
Team Size: Maximum 4 members
Format: Two-round competition with jeopardy-style challenges
Categories: Open (international) and Pre-University (Singapore only)
Focus Areas: Cross-domain AI security challenges, including machine learning vulnerabilities, adversarial attacks, and unique in-house developed AI security scenarios. Challenges span multiple difficulty levels within the intermediate range.
Prizes: SGD 19,000 total (Open Category: 1st - SGD 10,000, 2nd - SGD 6,000, 3rd - SGD 3,000)
Difficulty Indicators: Requires a solid understanding of ML fundamentals, experience with adversarial examples, and the ability to work with AI security frameworks
Website: https://www.tech.gov.sg/events/singapore-ai-ctf-2025
4. CyberQ Hackathon 2025
Organizer: CyberQ Conference (UAE)
Dates: October 20 - Nov 27, 2025
First Round: October 20-21, 2025 (Online)
Final Round: November 26-27, 2025 (In-person at CyberQ Conference)
Awards Ceremony: November 27, 2025
Format: Two-round competition with real-time progress tracking
Focus Areas: Next-generation cryptography, post-quantum algorithms, and AI vulnerability assessment. Challenges integrating AI security with cryptographic protocols and quantum-resistant designs.
Difficulty Indicators: Requires knowledge of both AI/ML and cryptographic concepts. Multi-stage attacks and optimization problems are typical at this level.
Regional Focus: Middle East cybersecurity community with international participation
Website: https://cyberq.ctf.ae/
Resources:
5. CAMLIS 2025 Red Workshop
Organizer: Conference on Applied Machine Learning in Information Security
Dates: October 22-24, 2025 (Arlington, VA)
Format: Hands-on workshop within an academic conference
Focus Areas: Real-world AI security applications, operational field testing, and purple team demonstrations. Emphasis on practical, deployable AI security solutions rather than theoretical attacks.
Target Audience: Mix of academic researchers and industry practitioners
Difficulty Indicators: Intermediate level with focus on practical implementation. Requires understanding of both offensive and defensive AI security techniques.
Website: https://www.camlis.org/
6. Web3 HackFest 2025
Organizer: Ho Chi Minh City Economic Forum
Dates: November 8-9, 2025 (Ho Chi Minh City, Vietnam)
Format: Multi-day festival combining conferences, exhibitions, and hackathons
Focus Areas: Convergence of Web3 and AI technologies, blockchain-integrated AI security, and decentralized AI system vulnerabilities. Unique challenges at the intersection of distributed systems and AI.
Government Support: Backed by Ho Chi Minh City People's Committee
Difficulty Indicators: Requires understanding of both blockchain and AI technologies. Smart contract interactions with AI models present novel intermediate-level challenges.
Website: https://web3hackfest.org/
Advanced/hard level competitions
7. T Challenge 2026 - Building The AI-Native Telco
Organizer: Telecom industry consortium
Dates: Applications due December 5, 2025; Competition extends into 2026
Format: Research and innovation challenge with long-term project development
Prize Pool: €450,000 total
Focus Areas: AI-powered cybersecurity solutions for telecommunications, zero-day exploit detection, self-healing AI environments, and AI-driven advisory systems. Emphasis on developing production-ready AI security innovations.
Difficulty Indicators: Requires research-level expertise, novel technique development, and the ability to create deployable solutions. Teams typically include PhD-level researchers.
Website: https://t-challenge.com
8. NeurIPS 2025 AI Security Competitions
Organizer: NeurIPS Conference
Dates: December 2-7, 2025 (San Diego) / November 30 - December 5, 2025 (Mexico City)
Format: Multiple competition tracks (18 competitions accepted)
Focus Areas: This varies by track but includes adversarial robustness, privacy-preserving ML, backdoor detection, and certified defenses. These are research-oriented challenges requiring novel approaches.
Target Audience: Academic researchers and advanced practitioners
Difficulty Indicators: Cutting-edge research problems, often requiring custom implementations and novel theoretical insights. Publication-quality solutions expected.
Website: https://neurips.cc/
Resources:
9. OpenAI Red-Teaming Challenge (Ongoing)
Organizer: OpenAI via Kaggle
Prize Pool: $500,000
Format: Continuous submission competition
Target Model: gpt-oss-20b and gpt-oss-120b
Focus Areas: Discovery of novel vulnerabilities in large language models. Emphasis on previously unknown attack vectors, sophisticated jailbreaking techniques, and systematic vulnerability analysis.
Difficulty Indicators: Rewards novel discoveries over known techniques. Requires a deep understanding of transformer architectures and the ability to develop new attack methodologies.
Platform: Kaggle competitions
Website: https://www.kaggle.com/competitions/openai-gpt-oss-20b-red-teaming
10. MITRE eCTF 2026
Organizer: MITRE Corporation
Kickoff Date: January 14, 2026
Format: Multi-month embedded systems security competition
Focus Areas: While not exclusively AI-focused, it includes secure AI deployment on embedded systems, hardware-level AI security, and supply chain protection for AI chips.
Target Audience: University teams with faculty advisors
Prizes: $25,000+ in prizes and travel grants
Difficulty Indicators: Requires systems-level security knowledge, hardware expertise, and understanding of AI deployment constraints
Website: https://ectf.mitre.org/
Specialized and Continuous Platforms
11. Hack The Box AI vs Human CTF Platform (Ongoing)
Format: Continuous AI agent evaluation platform
Recent Results: AI agents achieved 95% solve rate on security challenges
Focus Areas: Benchmarking AI capabilities against human security researchers, developing AI-resistant challenge designs, and testing collaborative human-AI security teams.
Difficulty: Varies from beginner to expert, with adaptive challenge selection
Website: https://www.hackthebox.com/
12. AI Village Community Challenges (Continuous)
Platform: Discord community and regular virtual events
Focus Areas: Collaborative research on prompt injection, model manipulation, and evaluation framework attacks
Access: Open community membership
Difficulty: All levels with mentorship available
Website: https://aivillage.org/
Competition landscape analysis reveals strategic entry points
The post-September 2025 AI CTF ecosystem demonstrates clear difficulty progression paths. Beginners can start with OWASP's FinBot platform to understand agentic AI vulnerabilities, then progress to Singapore's government-backed CTF for intermediate challenges with substantial prizes. Advanced practitioners should target the T Challenge's €450,000 innovation competition or OpenAI's $500,000 vulnerability discovery challenge.
The over $800,000 combined prize pool and the rise of government and industry sponsorship (e.g., Singapore, UAE) signal serious, professional investment in AI security talent. Competitions increasingly prioritize practical, deployable solutions and research over purely theoretical attacks, reflecting immediate industry needs.
Regional diversity is expanding, with strong representation from Southeast Asia (Singapore, Vietnam), the Middle East (UAE), and traditional tech hubs. The shift toward continuous platforms rather than time-limited events allows for ongoing skill development and makes AI security training more accessible globally.
Key preparation strategies by difficulty level
To maximize your competitive edge, tailor your preparation to your target difficulty:
Difficulty Level | Core Focus & Prerequisites | Team Strategy |
---|---|---|
Beginner | Universal Prerequisite: Mastery of prompt injection (e.g., via HTB essentials). Focus on LLM fundamentals and basic jailbreaking techniques. | An individual or Small Team (1-2 people) is sufficient on continuous platforms like FinBot. |
Intermediate | Deep understanding of the OWASP Top 10 for LLMs and the MITRE ATLAS framework, which appear consistently across organized CTFs. Practice adversarial examples. | A Medium Team (3-4 people) with complementary skills in security and machine learning is highly beneficial. |
Advanced | Expertise in developing novel attack methodologies and production-ready security solutions. Requires fluency with recent research from venues like SaTML, ICML, and NeurIPS. | A Specialized Team with expertise in areas like cryptography, embedded systems, or theoretical ML is often necessary for innovation challenges. |
Professionalizing AI Security
With substantial government backing, large prize pools, and innovative formats like AI vs. human competitions, the field of AI security is rapidly professionalizing. This shift, emphasizing multilingual testing and practical applications, underscores the real-world importance of this specialization. Whether you start with beginner platforms or compete for half-million-dollar prizes, this ecosystem provides clear, actionable paths for career progression.
The path from a CTF beginner to a cybersecurity professional runs through demonstrable skills. Combine competitive success with secure, well-maintained open source projects, and you'll build a portfolio that speaks louder than any resume.
Secure Your Open Source Projects with Snyk (For Free!)
If you're maintaining open source projects (or planning to start), Snyk's Secure Developer Program provides free, enterprise-grade security tooling specifically designed for open source maintainers. Add a Snyk security badge to your README to signal to employers and contributors that your project takes security seriously—a distinction that matters when tech recruiters review your profile.
What you get:
Full Snyk licenses with enterprise features and no usage limits
Automated vulnerability scanning integrated into your CI/CD pipeline
Community support through Snyk's Discord with security professionals
A professional security badge for your repository README
Eligibility is straightforward: Your project must be community-driven (not corporate-backed), and you'll add a link to Snyk in your README, allowing for co-branding with your project logo.
The path from CTF beginner to cybersecurity professional runs through demonstrable skills. Combine competitive success with secure, well-maintained open source projects, and you'll build a portfolio that speaks louder than any resume. Start competing, start building, and start securing your future.
Apply for Snyk's Secure Developer Program →
Snyk's Secure Developer Program
Powered by open source to keep open source secure
Get free access to Snyk for your open source projects.