Security News

HackerOne’s 2018 Hacker-Powered Security Report showed that the average award for critical vulnerabilities has increased.

White hat hackers who responsibly disclosed vulnerabilities through bug bounty programs hosted by HackerOne earned more than $11 million last year, according to the company’s 2018 Hacker-Powered...

More companies are looking to adopt "safe harbor" language in their bug bounty programs to build trust with participants.

Mickos sat down with Threatpost's Lindsey O'Donnell to talk about bug bounty program opportunities, challenges, and ultimately how programs are evolving.

More companies – particularly social media firms – may follow Facebook’s footsteps in turning to bug bounty programs to scout out any data privacy abuse on their platforms, experts say.

Infosec bod shops NameTests, claims leaky code exposes info Facebook has forked out an $8,000 reward after a security researcher flagged up a third-party web app that potentially exposed up to 120...

Security researcher shops NameTests app as leaky javascript exposes user info Facebook has paid out $8,000 after a security researcher reported an app blabbing users’ info in what is possibly the...

Yubico has been drawn into a rare public spat over how the discovery of a security flaw affecting it products was credited.

USB gizmo biz apologies amid infosec drama Yubico has apologized to a security vulnerability researcher who had complained the dongle peddler lifted his work to nab a $5,000 Google bug bounty.…

What's the only thing better than a bug bounty reward? A bug bounty reward you weren't expecting. Especially one that's worth $36,337.