ZDNet

Critical CSRF vulnerability found on Glassdoor company review platform

Glassdoor, a website for job hunting and posting anonymous company reviews, has resolved a critical issue that could be exploited to take over accounts. Bug bounty researcher "Tabahi" (ta8ahi) found ...
NBC News

PayPal Institutes Bug Bounty Program

No stranger to the malevolent efforts of cybercriminals, PayPal is now offering financial rewards to researchers who find and report security bugs to the site's administrators. Subscribe to read this ...
ZDNet

TikTok patches reflected XSS bug, one-click account takeover exploit

TikTok has patched a reflected XSS security flaw and a bug leading to account takeover impacting the firm's web domain. Reported via the bug bounty platform HackerOne by researcher Muhammed "milly" ...
Bleeping Computer

TikTok fixes bugs allowing account takeover with one click

TikTok has addressed two vulnerabilities that could have allowed attackers to take over accounts with a single click when chained together for users who signed-up via third-party apps. The social ...
Bleeping Computer

Google paid $12 million in bug bounties last year to security researchers

Google paid almost $12 million in bug bounty rewards to 660 security researchers who reported security bugs through the company's Vulnerability Reward Program (VRP) in 2024. Among last year's ...
CoinTelegraph

AI drives surge in ‘bug bounty’ reports, but the ‘slop’ is rising too

HackerOne, one of the largest bug bounty platforms in the world, reported there were 85,000 valid bounty submissions in 2025, up 7% from the previous year. Crypto protocols have warned that an ...
Infosecurity-magazine.com

OpenAI Expands Bug Bounty to Cover AI Abuse and 'Safety' Concerns

OpenAI has launched a new bug bounty program to engage researchers in addressing AI abuse and safety risks across its products. The new Safety Bug Bounty program was announced on March 26 and is ...