August 29, 2024 at 12:35PM Google’s Chrome Vulnerability Rewards Program has increased rewards, specifically addressing memory safety with up to $250,000 for demonstrated remote code execution. Other classes of vulnerabilities have rewards up to $30,000 and special rewards of $100,115 and $250,128 for bypassing security measures. A new bug could potentially earn $500,128. Based on … Read more
May 29, 2024 at 05:24AM Netflix has paid out more than $1 million to over 5,600 researchers since starting its bug bounty program in 2016. The move to the HackerOne platform promises increased rewards and expanded coverage, with potential payouts between $300 and $20,000 per vulnerability. However, its response to a researcher’s findings about illegal … Read more
April 30, 2024 at 02:35PM Google has increased rewards for reporting remote code execution vulnerabilities in select Android apps, now offering up to $450,000. The company aims to focus on flaws leading to data theft, paying $75,000 for such exploits. The changes to the Mobile Vulnerability Rewards Program also include bonuses for exceptional quality reports … Read more
March 13, 2024 at 02:10PM Google awarded $10 million to 632 bug hunters in 2023, slightly less than the previous year. The company introduced new reward categories and a Bonus Awards program. High-paying categories included Android VRP, and Wear OS was added to the bounty program. However, the effectiveness of bug bounties in making software … Read more
March 12, 2024 at 02:04PM Google announced a $10 million payout in 2023 for its bug bounty programs, totaling $59 million since 2010. 632 researchers from 68 countries earned rewards, with the highest single payout at $113,337. $3.4 million was awarded for Android vulnerabilities, with increased maximum rewards. Google’s bug bounty payouts are comparable to … Read more