Tuesday, May 19, 2026


AI Slop Floods Bug Bounty Programs


Companies that hand out cash to hackers for finding software flaws have a new problem on their hands: a deluge of AI-written reports that point to bugs that don’t exist. Some firms have shut their programs down entirely while they figure out what to do.

Coding - artistic impression. Image credit: Blake Connally via Unsplash, free license

Key Takeaways:

  • Bugcrowd saw report volumes more than quadruple over three weeks in March, with most submissions turning out to be junk.
  • Curl and Nextcloud have both paused their bug bounty programs, citing what Curl’s creator called “never-ending slop” that drains time and energy to debunk.
  • HackerOne reports a 76% jump in submissions year-over-year through March, though the share of reports flagging real vulnerabilities has held steady at 25%.

Bug bounty schemes have run for more than two decades on a fairly simple bargain: independent researchers hunt for vulnerabilities, and companies pay them when they find something real. Generative AI has rewritten that arrangement. The tools help skilled researchers work faster, but they also let almost anyone fire off plausible-sounding reports without doing the actual work.

Bugcrowd, which runs programs for OpenAI, T-Mobile, and Motorola, watched its inbox swell more than fourfold during a three-week stretch in March. Most of what came in was useless. Curl, the data-transfer tool millions of developers depend on, pulled the plug on its paid program back in January. Its creator Daniel Stenberg wrote in a blog post that the “never-ending slop” had taken “a serious mental toll to manage and sometimes also a long time to debunk.”

Ross McKerchar, chief information security officer at Sophos, said the rise in poor-quality AI reports was “quickly becoming a major problem.” He sees three sources feeding the pipeline. There are first-timers chasing easy money. There are veteran researchers who have started leaning on AI agents and getting steered into dead ends. And then there’s what he called a “third cohort” of “experienced AI builders” running automated “end-to-end scanning and submission systems” that are “creating absolute carnage.”

“Bug bounties are going to stay [but] they’re going to have to change,” McKerchar said.

The money in the field has grown considerably. Google paid out $17 million in bounties last year, up from $7.5 million in 2021, and its single largest reward — $605,000 in 2022 — went to someone who found a hole in Android.

Nextcloud followed Curl out the door in April, suspending its program because of the “massive increase of low-quality reports.” The company said it wants to bring the program back once it figures out how to filter submissions properly.

Adding fuel to the fire, Anthropic launched its Mythos cyber AI model last month, claiming it can spot software flaws faster than human researchers can.

Platforms that broker these arrangements are adapting rather than retreating. HackerOne, whose clients include Goldman Sachs, Google, and the US Department of Defense, said it had “introduced new agentic validation capabilities” this year to “help organizations manage high volumes of findings,” including those produced by tools like Mythos. The company is also tightening background checks on submitters.

HackerOne chief executive Kara Sprague said the platform has recently seen a rise in “higher quality” reports that used AI assistance. She doesn’t see the AI flood as a reason to slam the door shut, arguing that the technology genuinely helps hackers find more flaws when used properly.

Bugcrowd’s chief Dave Gerry shares that view. He thinks tools like Anthropic’s Mythos will work alongside human researchers rather than push them out. “AI is going to help with a lot of things but we’re never going to replace that human creativity,” he said.

For now, the economics that built the bug bounty industry — humans hunting bugs, companies paying for results — are being stretched in directions nobody planned for. The platforms that survive will likely be the ones that figure out how to let useful AI assistance through while keeping the automated nonsense out.

Written by Alius Noreika
