CyberHappenings logo
Home Browse About

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

HackerOne bug bounty payouts reach $81 million in 2024-2025

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

HackerOne reported paying $81 million in bug bounties over the past year, marking a 13% year-over-year increase. The platform manages over 1,950 bug bounty programs for high-profile clients, including major corporations and government agencies. The average annual payout across all active programs is approximately $42,000, with the top 100 programs paying out $51 million in the last year. The top 10 programs alone accounted for $21.6 million in rewards. The number of AI vulnerabilities has surged by over 200%, with prompt injection vulnerabilities increasing by 540%. Meanwhile, traditional vulnerabilities like XSS and SQLi are declining, while authorization flaws are on the rise.

Timeline

  1. 02.10.2025 18:35 1 articles · 10h ago

    HackerOne reports $81 million in bug bounty payouts for 2024-2025

    HackerOne has paid $81 million in bug bounties over the past 12 months, a 13% increase year-over-year. The top 100 programs paid out $51 million, with the top 10 programs accounting for $21.6 million. AI vulnerabilities surged by over 200%, with prompt injection vulnerabilities increasing by 540%. Traditional vulnerabilities like XSS and SQLi are declining, while authorization flaws are on the rise. The number of bug bounty programs including AI in scope increased by 270% year-over-year, and 70% of researchers surveyed used AI tools in their workflow.

    Show sources
    Open in new tab

Information Snippets