In 2 hours I'm going to drop the video on how Joseph Thacker, Justin Gardner and I managed to hack Google VRP (Google Bug Hunters) AI scope for $50,000 🤑 I'm so excited !!! 🔥

Minor rules update 📜 We added footnotes to better define "Normal Google applications" and "Non-integrated acquisitions" in our Google VRP rewards table! bughunters.google.com/about/rules/66…

Bug hunters, rejoice! We've increased Google Mobile VRP rewards by up to 10x; combined with our new quality-based modifiers, this means we're offering rewards of up to $450,000 for your reports 💸💸💸. bughunters.google.com/blog/579219202…

Don't get caught off guard by post-quantum cryptography threats 👀. Check out our latest blog post to learn how hybrid deployments can help future-proof your data security strategy. bughunters.google.com/blog/526688204…

Curious to learn more about ESCAL8, Google's annual security conference? See our blog post to find out what this event holds in store for seasoned bug hunters, aspiring security professionals, and experienced CTF players. bughunters.google.com/blog/484622746…

📣📣📣 Calling all Google CTF players! Qualify for Hackceler8 2024 in Malaga by participating in our online CTF qualification round on June 21-23. Register your team now at goo.gle/ctf. See our blog post for details. bughunters.google.com/blog/543069752…

Big news for bug hunters! We've added a new payment option 💰: select Bugcrowd in your profile on bughunters.google.com and profit from ⚡-fast and more flexible payouts. See our blog for details: bughunters.google.com/blog/648393685…

Google CTF is just around the corner, starting June 21 at 6:00 PM UTC! Give your best and earn all the flags to qualify for Hackceler8 2024 in Málaga. Register at goo.gle/ctf. ¡Vamos! For details, see our blog post: bughunters.google.com/blog/543069752…

This years Google CTF Qualification is over. Congratulations to kalmarunionen, kijitora and Zer0RocketWrecks! The top 8 teams qualified for Hackceler8 2024 in Málaga. More details at goo.gle/ctf. ¡Vamos!

🔥 Hot off the press! 🔥 Part 3 of our series on PQC has landed: Learn how cryptographic agility and key rotation are related and facilitate a smooth transition to quantum-safe systems. bughunters.google.com/blog/618233664…

🚫 DOM XSS, begone! 👋 Discover how we used Trusted Types to protect AppSheet, and how that can inform your own web application's journey to a safer security posture where DOM XSS vulnerabilities are a thing of the past. bughunters.google.com/blog/603789066…

🚀 Level up your container security using acjs and ctrdac, Google's new open-source projects for flexible and dynamic admission control in containerized and Kubernetes environments. Curious? Check out our latest blog post! bughunters.google.com/blog/666987474…

🚨💰 Google VRP Reward Update 💰🚨 Good news, we are significantly increasing the reward amounts offered by the Google VRP! Look out for up to 5x higher payouts and a maximum reward of $151,515! Details here: bughunters.google.com/blog/540051395…

We're excited to sponsor the first ever Bug Bounty Village at DEF CON!

A ticking time bomb in your Linux kernel? 💣 That's what CVE-2023-2163 could have been. Our team uncovered and neutralized this critical eBPF vulnerability. Our blog post covers the root cause, the fix, and potential impact. bughunters.google.com/blog/630322602…

🔐 In the wake of the standards released by NIST, find out how Google is collaborating with Cryspen to bring you compliant and formally verified PQC algorithms that guarantee security, functional correctness & memory safety. bughunters.google.com/blog/603886306…

📢 Chrome VRP reward updates! 💰 Bigger payouts (up to 5x higher, $250,000+) and clearer guidelines, all designed to incentivize high-quality Chrome security research. Let's work together to make Chrome even safer! 🔐 bughunters.google.com/blog/530204429…

Inspiring the next generation of cybersecurity heroes! init.g's workshop is live in São Paulo 🇧🇷, empowering students to create a safer digital world. Check out the action! #initg #cybersecurity #hacktheplanet

🔒 Exploiting memory corruption bugs in server-side software is no easy feat, especially when you're working blind without source code or binaries. See how we used a technique dubbed "Conditional Corruption" to achieve this. bughunters.google.com/blog/622075742…

🕵️‍♂️ Bug hunters, is the vulnerability your dependency scanner reported really legit? 🤔 Don't let false positives fool you! Learn how to separate the real vulnerabilities from the noise in our latest blog post: bughunters.google.com/blog/630252276…