Google boosts bounties for open source flaws found via fuzzing Max reward per project integration is now $30k Security01 Feb 2023 | 3
GitHub sets up private vulnerability reports for public repos to avoid 'naming and shaming' No need for ignominy when a flaw is found Security14 Nov 2022 | 5
Pentagon is far too tight with its security bug bounties But overpriced, useless fighter jets? That's something we can get behind Research29 Sep 2022 | 16
Find a security hole in Google's open source and you could bag a $31,337 reward Will it be enough to prevent the next software supply-chain attack? Research30 Aug 2022 | 5
Microsoft trumps Google for 2021-22 bug bounty payouts Another $13.7m handed out to researchers, but then again it does have an awful lot of attack surfaces Security12 Aug 2022 | 5
Student crashes Cloudflare beta party, redirects email, bags a bug bounty Simple to exploit, enough to pocket $3,000 Research04 Aug 2022 | 8
LockBit ransomware gang claims it ransacked Italy’s tax agency Miscreants boast of 78GB haul, officials say everything's fine Security26 Jul 2022 | 7
Pentagon: We'll pay you if you can find a way to hack us DoD puts money behind bug bounty program after reward-free pilot Research05 Jul 2022 | 18
There are 24.6 billion pairs of credentials for sale on dark web In brief Plus: Citrix ASM has some really bad bugs, and more Security20 Jun 2022 | 3
Homeland Security bug bounty program uncovers 122 holes in its systems Thinking of another word for this US govt department's name CSO25 Apr 2022 | 4
Microsoft ups bug bounties 30% for cloud lines, pays more for 'scenario-based' exploits In Brief Plus: HP fixes critical Teradici flaws, Karakurt may be a Conti side hustle, and info-stealing malware set free Security18 Apr 2022 |
Crypto outfit Qubit appeals to the honour of thieves who lifted $80M of its digi-dollars Offers $2 million bug bounty and hopes perps see that record payout, and a clean conscience, as reasons to sacrifice $78m Security31 Jan 2022 | 44