Bug bounty hunters load up to stalk AI and fancy bagging big bucks Google offers AI-specific rewards, HackerOne sees more specializations Cybersecurity Month27 Oct 2023 | 1
Student crashes Cloudflare beta party, redirects email, bags a bug bounty Simple to exploit, enough to pocket $3,000 Research04 Aug 2022 | 8
North Koreans spotted harassing SMBs with malware In brief Also: Lawyers told to dissuade clients from paying off ransomware crooks, and more Security16 Jul 2022 | 16
Pentagon: We'll pay you if you can find a way to hack us DoD puts money behind bug bounty program after reward-free pilot Research05 Jul 2022 | 18
UK's Ministry of Defence coughs up bug bounties for crowdsourced pentesting Small steps could lead to bigger strides Security03 Aug 2021 | 11
Compsci student walks off with $50,000 after bug bounty report blows gaping hole in Shopify software repos First-timer wins maximum payout through HackerOne programme Security27 Jul 2021 | 12
UK Ministry of Defence: We won't prosecute bug bounty hunters – oh btw, we now have one of those 'Better late than never' opines industry bod Security10 Dec 2020 | 19
It's been a vintage year for bug bounty hunters, says HackerOne as it boasts of $40m+ passing through its treasure chests Big money, says CEO, but what would it cost not to find and fix these vulns? Security22 Sep 2020 | 2
Fun fact: If you noticed a while ago Zoom's web client going AWOL for a week, it's because someone found a passcode-cracking hole Story behind a hasty teardown, fixing of a brute-force vulnerability Security31 Jul 2020 | 8
What did it take for stubborn IBM to fix flaws in its Data Risk Manager security software? Someone dropping zero-days The other kind of DRM strikes: Bod baffled after attempt to raise alarm over vulnerabilities is ignored Security23 Jun 2020 | 11
PuTTY in your hands: SSH client gets patched after RSA key exchange memory vuln spotted Bunch of bugs stomped with version 0.71 Security19 Mar 2019 | 75
LA Times knocked out, HackerOne slips up and – amazingly – router security still sucks Plus, London Gatwick drone comedy quiets down Security05 Jan 2019 | 23
I found a security hole in Steam that gave me every game's license keys and all I got was this... oh nice: $20,000 Sorry kids, it was patched weeks ago by Valve Security09 Nov 2018 | 38
Kaspersky VPN blabbed domain names of visited websites – and gave me a $0 reward, says chap Updated DNS leak flaws are outside of bug-bounty scope Security09 Aug 2018 | 19
Like my new wheels? All I did was squash a bug, and they gave me $72k Bug bounty platform reports that vuln hunters are making bank Security11 Jul 2018 | 13
HackerOne says 'no' to FlexiSpy stalkerware bug bounty program Creepy app seller is going to have to QA its own buggy software Security05 May 2017 | 4
Qualcomm now offering US$15k for security bugs Snapdragon processors, modems first on the bounty list Security21 Nov 2016 | 2
Tokens of terror spark 'major security update' at GitLab HackerOne's Jobert Abma spots import/export credential persistence problem Security04 Nov 2016 |
Uber explains itself after 'moving the goalposts' on its new bug bounties Moneybags upstart accused of shafting people? Who'd have thought it? Security24 Mar 2016 | 13
HackerOne boss on why the future's bright for bug bounties RSA 2016 Soft launch of subscriber service on Tuesday Security01 Mar 2016 | 1
Throwing money at bug bounties won't beat zero-day dark markets RSA 2015 Study shows tools and bragging rights key to beating criminals Security22 Apr 2015 | 4
Don't collect bugs, invest in fly-spray says bug bounty operator Money-munching mercenaries blitz bug bounty budgets Security15 Apr 2015 | 8
Ex-Microsoft Bug Bounty dev forced to decrypt laptop for Paris airport official Airside Clouseau in search of something, anything Security06 Jan 2015 | 123