Overrun with AI slop, cURL scraps bug bounties to ensure "intact mental health" https://arstechni.ca/seeo #bugbounties #Security #Biz&IT #LLMs #slop #AI

The onslaught includes LLMs finding bogus vulnerabilities and code that won't compile.

Ars Technica
🚀 Curl bravely steps into 2023 by axing bug bounties, proving AI is now even better at generating nonsense than humans. Meanwhile, Jumi suspects JavaScript's latest conspiracy to disable itself and ruin everyone's day. 🙃
https://etn.se/index.php/nyheter/72808-curl-removes-bug-bounties.html #Curl2023 #AIvsHumans #JavaScriptConspiracy #BugBounties #TechNews #HackerNews #ngated

UK Government Considers Computer Misuse Act Revision:

https://www.databreachtoday.com/uk-government-considers-computer-misuse-act-revision-a-30197

Protections for researchers and whitehats are definitely needed. Let's see some specific language to respond to.

#MCA #researchers #statutorydefense
#bugbounties #safeharbor

There was a stroke of luck, a twist of fate (actually a bounty payment) and today we have a tire change 😎

#bugbounty #bugbounties #bountyhunters

Engadget: Apple doubles its biggest bug bounty reward to $2 million. “It has doubled its top award from $1 million to $2 million for the discovery of ‘exploit chains that can achieve similar goals as sophisticated mercenary spyware attacks’ and which requires no user interaction. But the maximum possible payout can exceed $5 million dollars for the discovery of more critical vulnerabilities, […]

https://rbfirehose.com/2025/10/13/engadget-apple-doubles-its-biggest-bug-bounty-reward-to-2-million/

🐞💰 Bug bounties: the latest get-rich-slow scheme for those with more keyboard skills than social skills 🙄. Apparently, all you need is four years and a "unique personality" to achieve mediocrity-level success, as proudly demonstrated by Ozgur Alp, our self-appointed guru of vague advice. 🚀💸
https://ozguralp.medium.com/how-to-start-bug-bounties-101-how-to-make-a-million-in-4-years-e15ee62d6f4 #BugBounties #KeyboardSkills #GetRichSlow #UniquePersonality #MediocritySuccess #HackerNews #ngated
How to Start Bug Bounties 101 & How to Make a Million in 4 Years

I got lots of questions and requests especially from new beginners to the area, so wanted to prepare a blog post regarding how to start at…

Medium

$81M in bug bounties proves it: AI isn’t just creating new vulnerabilities—it’s transforming who's hunting them. Are we ready for an era of autonomous agents and bionic hackers?

https://thedefendopsdiaries.com/ai-powered-vulnerabilities-drive-81-million-in-bug-bounties-how-ai-is-reshaping-cybersecurity/

#aiincybersecurity
#bugbounties
#aivulnerabilities
#cybersecuritytrends
#autonomousagents

AI-Powered Vulnerabilities Drive $81 Million in Bug Bounties: How AI Is Reshaping Cybersecurity

Explore how AI-driven vulnerabilities fueled $81M in bug bounties, reshaping cybersecurity with autonomous agents, bionic hackers, and new threats.

The DefendOps Diaries
EU Commission Reactivates Bug Bounties

#AIslop and fake reports are exhausting #security #bugbounties
The world of #cybersecurity is not immune to this problem. In the last year, people across the cybersecurity industry have raised concerns about #AI #slop #bugbounty reports, meaning reports that claim to have found #vulnerabilities that do not actually exist, because they were created with a #largelanguagemodel (#LLM) that simply made up the #vulnerability, and then packaged it into a professional-looking writeup.
https://techcrunch.com/2025/07/24/ai-slop-and-fake-reports-are-exhausting-some-security-bug-bounties/
AI slop and fake reports are coming for your bug bounty programs | TechCrunch

"We're getting a lot of stuff that looks like gold, but it's actually just crap," said the founder of one security testing firm. AI-generated security vulnerability reports are already having an effect on bug hunting, for better and worse.

TechCrunch

It's only going to get worse from here. This could easily kill the whole concept of #bugbounties. Why?

- Genuine researchers quit in frustration as they don't get proper reward for their hard work, and see #aislop scoop the money.
- Orgs/projects abandon bug bounty programs since they get mostly AI Slop reports.
- Financial backing (as donations or investment) for bug bounty programs disappears as the money is paid to scammers.