OpenAI Expands Bug Bounty to Cover AI Abuse and 'Safety' Concerns
OpenAI’s Safety Bug Bounty program seeks to address AI safety vulnerabilities beyond traditional security flaws
Explore the latest bug bounty news, updates, and programs that reward ethical hackers for finding security vulnerabilities and threats.
Search across headline titles and summaries.
Background for this topic.
Bug bounty programs invite external security researchers to identify and report software vulnerabilities in exchange for rewards, usually monetary. These programs extend testing beyond internal teams by leveraging diverse expertise and real-world attack techniques, helping organizations uncover flaws that might otherwise remain hidden. Participants submit detailed vulnerability reports, which organizations validate and address according to defined scopes and rules.
From a security standpoint, bug bounties increase exposure by allowing controlled probing of live systems, which can reveal critical issues like remote code execution or privilege escalation. Effective programs require clear scope boundaries and efficient triage to prevent resource overload and ensure timely remediation. Integrating external findings into vulnerability management shortens the time between discovery and patching, reducing the risk that attackers exploit unpatched vulnerabilities in production environments.
Weekly headline count for the current query.
OpenAI’s Safety Bug Bounty program seeks to address AI safety vulnerabilities beyond traditional security flaws
Apple has doubled its top bug bounty reward to $2m but with bonuses it could reach $5m
Google has introduced a new AI Vulnerability Reward Program offering up to $30,000 for bug discoveries in its AI products
Coinbase is offering a $20m reward to help catch the threat actor behind a cyber-attack that could cost it between $180-$400m
Following the largest-ever crypto theft, Bybit is offering researchers up to 10% of recovered funds
Crypto.com has launched a massive $2m bug bounty program on HackerOne, the largest ever offered on the platform, to enhance platform security
Seven years into its ethical hacking program, the Pentagon received its 50,000th vulnerability report on March 15
Google revealed it paid $10m in bug bounty payments to more than 600 researchers in 2023, with the highest single payment being £113,337
Decentralized exchange offers $5m bounty
Ethical hackers could win cash prizes of up to $20,000
Thirty hackers have earned over one million dollars each
Google has launched capture the flag (CTF) competitions focused on Chrome’s V8 JavaScript engine and Google Cloud’s kernel-based virtual machine (KVM)
Rewards range from $750 for certain MiTM scenarios to $30,000 for some ACE vulnerabilities
Following criticisms around ChatGPT’ security and privacy practices, OpenAI has launched a bug bounty program to help identify vulnerabilities across its systems and services
It will be a resource for DoD organizations, vendors and security researchers
Cybersecurity researchers will try and find vulnerabilities in the government's FRCS network
The total amount since the program's establishment in 2011 is reportedly $16m
Initiative is part of $10bn commitment to improve cybersecurity
Zero Day Initiative says incomplete or faulty patches now commonplace
Katie Moussouris explains why simply having a bug bounty program isn't enough to fix security problems