#bugbounties — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #bugbounties, aggregated by home.social.
-
🚀 Curl bravely steps into 2023 by axing bug bounties, proving AI is now even better at generating nonsense than humans. Meanwhile, Jumi suspects JavaScript's latest conspiracy to disable itself and ruin everyone's day. 🙃
https://etn.se/index.php/nyheter/72808-curl-removes-bug-bounties.html #Curl2023 #AIvsHumans #JavaScriptConspiracy #BugBounties #TechNews #HackerNews #ngated -
🚀 Curl bravely steps into 2023 by axing bug bounties, proving AI is now even better at generating nonsense than humans. Meanwhile, Jumi suspects JavaScript's latest conspiracy to disable itself and ruin everyone's day. 🙃
https://etn.se/index.php/nyheter/72808-curl-removes-bug-bounties.html #Curl2023 #AIvsHumans #JavaScriptConspiracy #BugBounties #TechNews #HackerNews #ngated -
🚀 Curl bravely steps into 2023 by axing bug bounties, proving AI is now even better at generating nonsense than humans. Meanwhile, Jumi suspects JavaScript's latest conspiracy to disable itself and ruin everyone's day. 🙃
https://etn.se/index.php/nyheter/72808-curl-removes-bug-bounties.html #Curl2023 #AIvsHumans #JavaScriptConspiracy #BugBounties #TechNews #HackerNews #ngated -
🚀 Curl bravely steps into 2023 by axing bug bounties, proving AI is now even better at generating nonsense than humans. Meanwhile, Jumi suspects JavaScript's latest conspiracy to disable itself and ruin everyone's day. 🙃
https://etn.se/index.php/nyheter/72808-curl-removes-bug-bounties.html #Curl2023 #AIvsHumans #JavaScriptConspiracy #BugBounties #TechNews #HackerNews #ngated -
UK Government Considers Computer Misuse Act Revision:
https://www.databreachtoday.com/uk-government-considers-computer-misuse-act-revision-a-30197
Protections for researchers and whitehats are definitely needed. Let's see some specific language to respond to.
-
UK Government Considers Computer Misuse Act Revision:
https://www.databreachtoday.com/uk-government-considers-computer-misuse-act-revision-a-30197
Protections for researchers and whitehats are definitely needed. Let's see some specific language to respond to.
-
UK Government Considers Computer Misuse Act Revision:
https://www.databreachtoday.com/uk-government-considers-computer-misuse-act-revision-a-30197
Protections for researchers and whitehats are definitely needed. Let's see some specific language to respond to.
-
UK Government Considers Computer Misuse Act Revision:
https://www.databreachtoday.com/uk-government-considers-computer-misuse-act-revision-a-30197
Protections for researchers and whitehats are definitely needed. Let's see some specific language to respond to.
-
UK Government Considers Computer Misuse Act Revision:
https://www.databreachtoday.com/uk-government-considers-computer-misuse-act-revision-a-30197
Protections for researchers and whitehats are definitely needed. Let's see some specific language to respond to.
-
There was a stroke of luck, a twist of fate (actually a bounty payment) and today we have tire change 😎
-
There was a stroke of luck, a twist of fate (actually a bounty payment) and today we have tire change 😎
-
There was a stroke of luck, a twist of fate (actually a bounty payment) and today we have tire change 😎
-
There was a stroke of luck, a twist of fate (actually a bounty payment) and today we have tire change 😎
-
There was a stroke of luck, a twist of fate (actually a bounty payment) and today we have tire change 😎
-
Engadget: Apple doubles its biggest bug bounty reward to $2 million. “It has doubled its top award from $1 million to $2 million for the discovery of ‘exploit chains that can achieve similar goals as sophisticated mercenary spyware attacks’ and which requires no user interaction. But the maximum possible payout can exceed $5 million dollars for the discovery of more critical vulnerabilities, […]
https://rbfirehose.com/2025/10/13/engadget-apple-doubles-its-biggest-bug-bounty-reward-to-2-million/
-
Engadget: Apple doubles its biggest bug bounty reward to $2 million. “It has doubled its top award from $1 million to $2 million for the discovery of ‘exploit chains that can achieve similar goals as sophisticated mercenary spyware attacks’ and which requires no user interaction. But the maximum possible payout can exceed $5 million dollars for the discovery of more critical vulnerabilities, […]
https://rbfirehose.com/2025/10/13/engadget-apple-doubles-its-biggest-bug-bounty-reward-to-2-million/
-
Engadget: Apple doubles its biggest bug bounty reward to $2 million. “It has doubled its top award from $1 million to $2 million for the discovery of ‘exploit chains that can achieve similar goals as sophisticated mercenary spyware attacks’ and which requires no user interaction. But the maximum possible payout can exceed $5 million dollars for the discovery of more critical vulnerabilities, […]
https://rbfirehose.com/2025/10/13/engadget-apple-doubles-its-biggest-bug-bounty-reward-to-2-million/
-
🐞💰 Bug bounties: the latest get-rich-slow scheme for those with more keyboard skills than social skills 🙄. Apparently, all you need is four years and a "unique personality" to achieve mediocrity-level success, as proudly demonstrated by Ozgur Alp, our self-appointed guru of vague advice. 🚀💸
https://ozguralp.medium.com/how-to-start-bug-bounties-101-how-to-make-a-million-in-4-years-e15ee62d6f4 #BugBounties #KeyboardSkills #GetRichSlow #UniquePersonality #MediocritySuccess #HackerNews #ngated -
🐞💰 Bug bounties: the latest get-rich-slow scheme for those with more keyboard skills than social skills 🙄. Apparently, all you need is four years and a "unique personality" to achieve mediocrity-level success, as proudly demonstrated by Ozgur Alp, our self-appointed guru of vague advice. 🚀💸
https://ozguralp.medium.com/how-to-start-bug-bounties-101-how-to-make-a-million-in-4-years-e15ee62d6f4 #BugBounties #KeyboardSkills #GetRichSlow #UniquePersonality #MediocritySuccess #HackerNews #ngated -
🐞💰 Bug bounties: the latest get-rich-slow scheme for those with more keyboard skills than social skills 🙄. Apparently, all you need is four years and a "unique personality" to achieve mediocrity-level success, as proudly demonstrated by Ozgur Alp, our self-appointed guru of vague advice. 🚀💸
https://ozguralp.medium.com/how-to-start-bug-bounties-101-how-to-make-a-million-in-4-years-e15ee62d6f4 #BugBounties #KeyboardSkills #GetRichSlow #UniquePersonality #MediocritySuccess #HackerNews #ngated -
🐞💰 Bug bounties: the latest get-rich-slow scheme for those with more keyboard skills than social skills 🙄. Apparently, all you need is four years and a "unique personality" to achieve mediocrity-level success, as proudly demonstrated by Ozgur Alp, our self-appointed guru of vague advice. 🚀💸
https://ozguralp.medium.com/how-to-start-bug-bounties-101-how-to-make-a-million-in-4-years-e15ee62d6f4 #BugBounties #KeyboardSkills #GetRichSlow #UniquePersonality #MediocritySuccess #HackerNews #ngated -
$81M in bug bounties proves it: AI isn’t just creating new vulnerabilities—it’s transforming who's hunting them. Are we ready for an era of autonomous agents and bionic hackers?
#aiincybersecurity
#bugbounties
#aivulnerabilities
#cybersecuritytrends
#autonomousagents -
$81M in bug bounties proves it: AI isn’t just creating new vulnerabilities—it’s transforming who's hunting them. Are we ready for an era of autonomous agents and bionic hackers?
#aiincybersecurity
#bugbounties
#aivulnerabilities
#cybersecuritytrends
#autonomousagents -
$81M in bug bounties proves it: AI isn’t just creating new vulnerabilities—it’s transforming who's hunting them. Are we ready for an era of autonomous agents and bionic hackers?
#aiincybersecurity
#bugbounties
#aivulnerabilities
#cybersecuritytrends
#autonomousagents -
#AIslop and fake reports are exhausting #security #bugbounties
The world of #cybersecurity is not immune to this problem. In last year, people across the cybersecurity industry have raised concerns about #AI #slop #bugbounty reports, meaning reports that claim to have found #vulnerabilities that do not actually exist, because they were created with a #largelanguagemodel (#LLM) that simply made up the #vulnerability, and then packaged it into a professional-looking writeup
https://techcrunch.com/2025/07/24/ai-slop-and-fake-reports-are-exhausting-some-security-bug-bounties/ -
#AIslop and fake reports are exhausting #security #bugbounties
The world of #cybersecurity is not immune to this problem. In last year, people across the cybersecurity industry have raised concerns about #AI #slop #bugbounty reports, meaning reports that claim to have found #vulnerabilities that do not actually exist, because they were created with a #largelanguagemodel (#LLM) that simply made up the #vulnerability, and then packaged it into a professional-looking writeup
https://techcrunch.com/2025/07/24/ai-slop-and-fake-reports-are-exhausting-some-security-bug-bounties/ -
#AIslop and fake reports are exhausting #security #bugbounties
The world of #cybersecurity is not immune to this problem. In last year, people across the cybersecurity industry have raised concerns about #AI #slop #bugbounty reports, meaning reports that claim to have found #vulnerabilities that do not actually exist, because they were created with a #largelanguagemodel (#LLM) that simply made up the #vulnerability, and then packaged it into a professional-looking writeup
https://techcrunch.com/2025/07/24/ai-slop-and-fake-reports-are-exhausting-some-security-bug-bounties/ -
#AIslop and fake reports are exhausting #security #bugbounties
The world of #cybersecurity is not immune to this problem. In last year, people across the cybersecurity industry have raised concerns about #AI #slop #bugbounty reports, meaning reports that claim to have found #vulnerabilities that do not actually exist, because they were created with a #largelanguagemodel (#LLM) that simply made up the #vulnerability, and then packaged it into a professional-looking writeup
https://techcrunch.com/2025/07/24/ai-slop-and-fake-reports-are-exhausting-some-security-bug-bounties/ -
#AIslop and fake reports are exhausting #security #bugbounties
The world of #cybersecurity is not immune to this problem. In last year, people across the cybersecurity industry have raised concerns about #AI #slop #bugbounty reports, meaning reports that claim to have found #vulnerabilities that do not actually exist, because they were created with a #largelanguagemodel (#LLM) that simply made up the #vulnerability, and then packaged it into a professional-looking writeup
https://techcrunch.com/2025/07/24/ai-slop-and-fake-reports-are-exhausting-some-security-bug-bounties/ -
It's only going to get worse from here. This could easily kill the whole concept of #bugbounties. Why?
- Genuine researches quit in frustration as they don't get proper reward for their hard work, and see #aislop scoop the money.
- Orgs/projects abandon bug bounty programs since they get mostly AI Slop reports.
- Financial backing (as donations or investment) for bug bounty programs disappears as the money is paid to scammers. -
It's only going to get worse from here. This could easily kill the whole concept of #bugbounties. Why?
- Genuine researches quit in frustration as they don't get proper reward for their hard work, and see #aislop scoop the money.
- Orgs/projects abandon bug bounty programs since they get mostly AI Slop reports.
- Financial backing (as donations or investment) for bug bounty programs disappears as the money is paid to scammers. -
It's only going to get worse from here. This could easily kill the whole concept of #bugbounties. Why?
- Genuine researches quit in frustration as they don't get proper reward for their hard work, and see #aislop scoop the money.
- Orgs/projects abandon bug bounty programs since they get mostly AI Slop reports.
- Financial backing (as donations or investment) for bug bounty programs disappears as the money is paid to scammers. -
It's only going to get worse from here. This could easily kill the whole concept of #bugbounties. Why?
- Genuine researches quit in frustration as they don't get proper reward for their hard work, and see #aislop scoop the money.
- Orgs/projects abandon bug bounty programs since they get mostly AI Slop reports.
- Financial backing (as donations or investment) for bug bounty programs disappears as the money is paid to scammers. -
It's only going to get worse from here. This could easily kill the whole concept of #bugbounties. Why?
- Genuine researches quit in frustration as they don't get proper reward for their hard work, and see #aislop scoop the money.
- Orgs/projects abandon bug bounty programs since they get mostly AI Slop reports.
- Financial backing (as donations or investment) for bug bounty programs disappears as the money is paid to scammers. -
TechCrunch: A new security fund opens up to help protect the fediverse. “The fediverse, also known as the open social web that includes Mastodon, Meta’s Threads, Pixelfed, and other apps, is ramping up its security. On Wednesday, a nonprofit focused on bringing governance to open source projects, the Nivenly Foundation, announced the launch of a new security fund that will pay those who […]
-
Bleeping Computer: Google paid $12 million in bug bounties last year to security researchers. “Google paid almost $12 million in bug bounty rewards to 660 security researchers who reported security bugs through the company’s Vulnerability Reward Program (VRP) in 2024.”
-
Bleeping Computer: Google paid $12 million in bug bounties last year to security researchers. “Google paid almost $12 million in bug bounty rewards to 660 security researchers who reported security bugs through the company’s Vulnerability Reward Program (VRP) in 2024.”
-
Bleeping Computer: Google paid $12 million in bug bounties last year to security researchers. “Google paid almost $12 million in bug bounty rewards to 660 security researchers who reported security bugs through the company’s Vulnerability Reward Program (VRP) in 2024.”
-
The Register: Microsoft expands Copilot bug bounty targets, adds payouts for even moderate messes. “Microsoft is so concerned about security in its Copilot products for folks that it’s lifted bug bounty payments for moderate-severity vulnerabilities from nothing to a maximum of $5,000, and expanded the range of vulnerabilities it will pay people to find and report.”
-
The Register: Microsoft expands Copilot bug bounty targets, adds payouts for even moderate messes. “Microsoft is so concerned about security in its Copilot products for folks that it’s lifted bug bounty payments for moderate-severity vulnerabilities from nothing to a maximum of $5,000, and expanded the range of vulnerabilities it will pay people to find and report.”
-
The Register: Microsoft expands Copilot bug bounty targets, adds payouts for even moderate messes. “Microsoft is so concerned about security in its Copilot products for folks that it’s lifted bug bounty payments for moderate-severity vulnerabilities from nothing to a maximum of $5,000, and expanded the range of vulnerabilities it will pay people to find and report.”
-
The Register: Microsoft expands Copilot bug bounty targets, adds payouts for even moderate messes. “Microsoft is so concerned about security in its Copilot products for folks that it’s lifted bug bounty payments for moderate-severity vulnerabilities from nothing to a maximum of $5,000, and expanded the range of vulnerabilities it will pay people to find and report.”
-
We didn’t have the best experience with bug bounties at elementary—the platform we were using turning into a cryptocoin rug pull notwithstanding.
That said, it’s been a while since I heard about bounty programs for open source projects. Maybe we were just inexperienced, or the platform we were using was not set up well. Has anyone seen successful examples?
Someone recently pointed out https://algora.io. Has anyone here used it?
-
We didn’t have the best experience with bug bounties at elementary—the platform we were using turning into a cryptocoin rug pull notwithstanding.
That said, it’s been a while since I heard about bounty programs for open source projects. Maybe we were just inexperienced, or the platform we were using was not set up well. Has anyone seen successful examples?
Someone recently pointed out https://algora.io. Has anyone here used it?
-
We didn’t have the best experience with bug bounties at elementary—the platform we were using turning into a cryptocoin rug pull notwithstanding.
That said, it’s been a while since I heard about bounty programs for open source projects. Maybe we were just inexperienced, or the platform we were using was not set up well. Has anyone seen successful examples?
Someone recently pointed out https://algora.io. Has anyone here used it?