Bug Bounty
-
ServiceNow says flaw was exploited to query customer instance tables
ServiceNow said a flaw in its platform was exploited to query tables in a subset of customer instances. The company applied a security update on June 5, 2026, and said impacted customers were notified.
-
Google adds User Alignment Critic to Chrome to protect Gemini agentic browsing
Google is introducing a separate, isolated LLM called User Alignment Critic in Chrome to vet actions taken by Gemini-powered agentic browsing. The architecture also uses origin restrictions, user prompts for sensitive steps, prompt-injection detection and automated red-teaming; Google is offering bounties up to $20,000 and has not given a public rollout date.
-
Meta gives researchers a WhatsApp Research Proxy and tightens anti-scraping protections
Meta has given selected bug bounty researchers access to a WhatsApp Research Proxy and launched a pilot to study platform abuse, while adding anti‑scraping protections after a public report showed how contact discovery could be abused to enumerate accounts at scale. Meta also patched a Unity‑related vulnerability affecting Quest devices and said it has paid…
-
Amazon opens invite-only bug bounty for NOVA models to outside researchers
Amazon has launched an invite-only bug bounty program for its NOVA family of language models, allowing select researchers to test and be paid for findings on issues such as prompt injection, jailbreaking and other vulnerabilities, with the company saying the effort will help secure models integrated across Amazon and customer systems.
-
Researchers Exploit 34 Zero‑Days on Opening Day of Pwn2Own Ireland 2025
On the opening day of Pwn2Own Ireland 2025 researchers exploited 34 zero‑day vulnerabilities and won $522,500 in prizes; Team DDOS earned $100,000 for chaining multiple flaws to compromise a QNAP router and NAS, and the Summoning Team led the leaderboard after day one.
-
Google launches AI Vulnerability Reward Program with bounties up to $30,000
Google this week launched an AI Vulnerability Reward Program offering up to $30,000 for high-quality reports on flaws in its AI products, covering Search, Gemini, Workspace and other AI systems and laying out tiered payouts for issues such as rogue actions and data exfiltration.
-
OpenAI Expands Bug Bounty Program and Cybersecurity Initiatives
OpenAI has announced expansions to its bug bounty and cybersecurity grant programs, including a significant increase in the maximum bug bounty payout from $20,000 to $100,000 and new microgrants for innovative cybersecurity research proposals.
