Google has decided to increase the rewards of its bug bounty program significantly, according to a recent blog post by members of the tech giant's security team.
Any cross-site scripting (XSS) flaws found in accounts.google.com are now worth $7,500 (previously $3,133.70), and now any Gmail and Google Wallet bugs will fetch up to $5,000, up from $1,337. For any information regarding significant authentication bypasses/information leaks, the top reward has increased from $5,000 to $7,500.
Remote code execution vulnerabilities and SQL injection flaws still offer the biggest reward in Google's bug bounty program.
According to the blog post by Adam Mein and Michal Zalewski, members of Google's security team, the company's vulnerability reward program has paid $828,000 to more than 250 individuals.
.png&h=140&w=231&c=1&s=0)
.png&w=100&c=1&s=0)
Private AI vs Public AI: How your organisation can securely adopt AI without compromise and excessive cost
iTnews Benchmark Security Awards 2025
Digital Leadership Day Federal
Government Cyber Security Showcase Federal
Government Innovation Showcase Federal
.jpg&h=140&w=231&c=1&s=0)
.jpg&h=140&w=231&c=1&s=0)
