Security news aggregator

Latest coverage for Bug Bounty

Explore the latest bug bounty news, updates, and programs that reward ethical hackers for finding security vulnerabilities and threats.

13 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Bug bounty programs invite external security researchers to identify and report software vulnerabilities in exchange for rewards, usually monetary. These programs extend testing beyond internal teams by leveraging diverse expertise and real-world attack techniques, helping organizations uncover flaws that might otherwise remain hidden. Participants submit detailed vulnerability reports, which organizations validate and address according to defined scopes and rules.

From a security standpoint, bug bounties increase exposure by allowing controlled probing of live systems, which can reveal critical issues like remote code execution or privilege escalation. Effective programs require clear scope boundaries and efficient triage to prevent resource overload and ensure timely remediation. Integrating external findings into vulnerability management shortens the time between discovery and patching, reducing the risk that attackers exploit unpatched vulnerabilities in production environments.

Volume over time

Weekly headline count for the current query.

Showing 13 most recent headlines Filtered view

Also: UK Sanctions HTX-Linked EntityThis week, the U.S. sanctioned Sinaloa Cartel-linked networks, the U.K. sanctioned a HTX-linked entity, Syndicate Labs shuttered, Missouri sued CoinFlip, Verus attacker took a bounty deal, StablR was exploited and malicious packages targeted crypto developer systems.

Bank Info Security 7 months, 3 weeks ago

Hardware Hackers Urge Vendor Engagement for Security Success

Experts Detail Upsides of Bug Bounties and Getting Devices Into Researchers' HandsAs fresh vulnerabilities in hardware keep coming to light, one question remains: What vendors can do to better prevent, identify and eradiate flaws? One shortlist offered by veteran hardware hackers centered on the upsides of engagement, including bug bounty programs.

Also: Spain Defies Pressure to Eject Huawei, Hackers Leak North Korea Kimsuky DataThis week, Norway said Russian hackers attacked a flood gate, Spain defied pressure to eject Huawei, a cyberattack against the Office of the Pennsylvania Attorney General. Hackers leaked stolen North Korean Kimsuky data, Microsoft patched a Kerberos zero-day and a big Chrome bug bounty.

Elastic CEO Ash Kulkarni on How AI Transforms Security Data AnalysisAsh Kulkarni, CEO at Elastic, discussed how bug bounty projects and close scrutiny by millions of developers worldwide have made open-source projects more secure than proprietary solutions. He recommends open APIs and interoperability as the future of effective security solutions.

Bank Info Security 1 year, 3 months ago

Cryptohack Roundup: US Disbands Cryptocurrency Legal Team

Also: PoisonSeed Phishing Campaign, FTX Clients Face Reimbursement HurdleThis week, Trump administration disbanded a Justice Department crypto unit, the U.S. Securities and Exchange Commission will review crypto guidance, Usual pledged up to $16M in bug bounties, a PoisonSeed phishing campaign, FTX repayment plan troubles and a Coinbase 2FA error.

Max Payout for Bug Bounty Program Up From $20,000 to $100,000OpenAI announced a cybersecurity initiative that aims to improve the resilience of its artificial intelligence systems by rewarding the discovery of critical vulnerabilities and improving threat mitigation. OpenAI raised the maximum payout for its bug bounty program from $20,000 to $100,000.

Bank Info Security 1 year, 7 months ago

Bug Bounties: Bringing Hackers and Manufacturers Together

Researcher Lennert Wouters on Benefits of Device Hacking Contests, CollaborationLennert Wouters, a researcher at KU Leuven University in Belgium, has spent the past eight years studying embedded security, analyzing the vulnerabilities of everyday devices and commercial products. He shares his greatest hacks and insights on hardware security industry trends.

Bank Info Security 1 year, 10 months ago

New HackerOne CEO Kara Sprague to Expand Beyond Bug Bounties

Sprague Replaces Veteran CEO, Plans to Double Down on PTaaS and AI Red TeamingHackerOne has tapped F5's longtime product leader as it next chief executive to continue expanding its portfolio beyond operating vulnerability disclosure programs. The firm tasked Kara Sprague with building on existing growth in areas including AI red teaming and penetration testing as a service.

First Purchase in Bugcrowd's History to Boost Attack Surface Management, VisibilityBugcrowd has acquired Informer to enhance its external attack surface management, giving customers better visibility and security. The integration will bring Bugcrowd's existing bug bounty and penetration testing offerings together with new capabilities such as brand impersonation detection.

Bank Info Security 2 years, 3 months ago

UnitedHealth Admits Patient Data Was 'Taken' in Mega Attack

US Government Offers $10M Bounty to Track Down Leadership of BlackCat Crime GroupUnitedHealth Group has admitted data was "taken" in the cyberattack on Change Healthcare and has just started analyzing the types of personal, financial and health information potentially compromised. The U.S. is offering a $10 million bounty for BlackCat, which claims to have launched the attack.

Bank Info Security 2 years, 4 months ago

Breach Roundup: US FCC Authorizes IoT Cybersecurity Label

Also: Catching Up With Spain's Most Dangerous HackerThis week, the FCC OK'd cybersecurity labeling, DarkGate exploited Google, Fortinet patched a bug, cyberattacks hit the French government and employment agencies, Google restricted Gemini AI chatbot and paid bug bounties, Microsoft had Patch Tuesday, Marine Max was attacked, and Alcasec moved on.