GadgetBond

  • Latest
  • How-to
  • Tech
    • AI
    • Amazon
    • Apple
    • CES
    • Computing
    • Creators
    • Google
    • Meta
    • Microsoft
    • Mobile
    • Samsung
    • Security
    • Xbox
  • Transportation
    • Audi
    • BMW
    • Cadillac
    • E-Bike
    • Ferrari
    • Ford
    • Honda Prelude
    • Lamborghini
    • McLaren
    • Mercedes
    • Porsche
    • Rivian
    • Tesla
  • Culture
    • Apple TV
    • Disney
    • Gaming
    • Hulu
    • Marvel
    • HBO Max
    • Netflix
    • Paramount
    • SHOWTIME
    • Star Wars
    • Streaming
Add GadgetBond as a preferred source to see more of our stories on Google.
Font ResizerAa
GadgetBondGadgetBond
  • Latest
  • Tech
  • AI
  • Deals
  • How-to
  • Apps
  • Mobile
  • Gaming
  • Streaming
  • Transportation
Search
  • Latest
  • Deals
  • How-to
  • Tech
    • Amazon
    • Apple
    • CES
    • Computing
    • Creators
    • Google
    • Meta
    • Microsoft
    • Mobile
    • Samsung
    • Security
    • Xbox
  • AI
    • Anthropic
    • ChatGPT
    • ChatGPT Atlas
    • Gemini AI (formerly Bard)
    • Google DeepMind
    • Grok AI
    • Microsoft Copilot
    • OpenAI
    • Perplexity
    • xAI
  • Transportation
    • Audi
    • BMW
    • Cadillac
    • E-Bike
    • Ferrari
    • Ford
    • Honda Prelude
    • Lamborghini
    • McLaren W1
    • Mercedes
    • Porsche
    • Rivian
    • Tesla
  • Culture
    • Apple TV
    • Disney
    • Gaming
    • Hulu
    • Marvel
    • HBO Max
    • Netflix
    • Paramount
    • SHOWTIME
    • Star Wars
    • Streaming
Follow US
AIGoogleSecurityTech

Google launches new AI bug bounty program with rewards up to $30,000

Google’s latest vulnerability reward program targets rogue AI actions, offering up to $30K to researchers who expose harmful model-driven exploits in products like Gemini and Gmail.

By
Shubham Sawarkar
Shubham Sawarkar's avatar
ByShubham Sawarkar
Editor-in-Chief
I’m a tech enthusiast who loves exploring gadgets, trends, and innovations. With certifications in CISCO Routing & Switching and Windows Server Administration, I bring a sharp...
Follow:
- Editor-in-Chief
Oct 7, 2025, 12:20 PM EDT
Share
The image shows the Google logo mounted on a brick wall. The logo consists of the word 'Google' in colorful letters: blue 'G,' red 'o,' yellow 'o,' blue 'g,' green 'l,' and red 'e.' The background is made up of beige and light brown bricks arranged in a horizontal pattern.
Image: Google
SHARE

On Monday, Google formalized something security researchers have been nudging the company toward for years: a bounty program specifically tuned to the kinds of vulnerabilities that come with generative AI. The top prize for the riskiest, most novel exploits is $30,000, and the company is now explicitly rewarding work that shows how an AI system can be tricked into taking real-world actions — the sort of stuff that turns a fuzzy model failure into a real security incident.

Traditional bug bounties pay for things like SQL injection, privilege escalation, or remote code execution. AI systems add a new layer: they can be manipulated by text, images, or inputs that “prompt” the model into doing unintended things. Google’s program emphasizes rogue actions — where an AI is coaxed or tricked into modifying someone’s account, leaking data, or controlling connected devices — over content problems like offensive output or copyright violations. In plain terms, getting Gemini to confidently invent a false fact is poor form, but getting Gemini to open a smart lock or email a sensitive summary to an attacker is prize-worthy.

That distinction matters because the company routes content issues (hate speech, copyright, creative misuse) to in-product feedback so its safety teams can retrain and tune models. The bug bounty, by contrast, is about security and abuse — real threats to people’s accounts, property, and data.

Real examples that make the stakes concrete

The kinds of proof-of-concept exploits Google lists are not theoretical. Researchers have already demonstrated attacks that chain model behavior into physical or account actions: a crafted calendar invite that poisoned Gemini’s context and was able to toggle smart-home devices; prompt-injection attacks that exfiltrate saved content; and scenarios where a generated output sends sensitive summaries to third parties. These are the scenarios Google says it wants external researchers to find and report.

The money — and how it’s structured

Google’s headline numbers are straightforward: top-tier, high-impact bugs on “flagship” products — Search, Gemini Apps, and core Workspace apps like Gmail and Drive — start at a $20,000 base reward. Strong reports can earn multipliers for quality and novelty, pushing the total to $30,000. Less severe issues, or flaws in lower-tier products, carry smaller payments. It’s a tiered approach that tries to match payout to real-world harm and the amount of effort required to exploit something.

It’s worth noting this isn’t Google’s first foray into AI bug payouts: the company has been encouraging AI-related submissions for a couple of years and — by Google’s reckoning — has paid researchers over $430,000 for AI-related findings since it started inviting external teams to probe its systems. The new program refines scope and reward levels rather than starting from scratch.

A side project that’s starting to look useful: CodeMender

Alongside the bounty announcement, Google unveiled an AI agent called CodeMender, which the company says has been used to help patch vulnerable open-source projects — 72 fixes so far, after human vetting. Google pitches CodeMender as a force-multiplier for triaging and fixing supply-chain and open-source issues that contribute to overall AI safety. Whether automated helpers like this will scale responsibly is an open question; for now, Google emphasizes that a human researcher vets anything CodeMender proposes.

What this means for researchers (and for the rest of us)

For security researchers, the message is: if you can demonstrate a reproducible, high-impact chain that uses a model to do something harmful (exfiltrate data, tamper with accounts, operate devices), Google will pay attention — and pay well. For enterprises and everyday users, the announcement is a tacit admission that AI’s surface area for abuse is expanding beyond misleading output into actions that have consequences outside the screen.

That said, the program’s carve-outs are important. Google explicitly says that ordinary content problems — bias, hallucination, foul language, or creative policy violations — belong in product feedback workflows, not the bounty pipeline. That separation helps Google triage what needs model-level safety improvements versus what’s an engineering or infrastructure vulnerability to be patched.

The arms race: incentives, disclosure, and safety

Bounties are an old trick: pay outsiders to find what you might miss internally. Applied to AI, they create incentives to probe emergent behavior and to publish responsible disclosures so fixes can be made before widespread abuse. But money alone doesn’t solve the harder questions about how models are tested, how prompts are sandboxed, or how interconnected systems (think calendar + assistant + smart home) are designed with adversarial thinking baked in.

There’s also the coordination problem: researchers sometimes want credit and publication, companies want quick mitigation, and users want safety. Programs like Google’s aim to square those circles by offering cash and an official reporting channel — with the hope that more eyes will equal fewer surprises.

How to participate

If you’re a researcher with a working exploit or a thoughtful threat model, Google points hunters to its official vulnerability reporting channels and program rules. The company asks for reproducible reports and the usual technical rigor: steps to reproduce, scope, and an explanation of impact. For content-only issues, use in-product feedback instead — those submissions help the safety teams improve the model on a broader scale.

Final take

Google’s move to formalize and sweeten AI-focused bug rewards is both pragmatic and symbolic. Pragmatic because the company can’t secure what it hasn’t tested against a motivated attacker; symbolic because it acknowledges that AI is now part of the attack surface for real-world harms. Paying up to $30,000 isn’t charity — it’s cost-of-doing-business insurance in an era where a poisoned prompt can reach out and touch your front door or your inbox.

If you’re a pen-tester, researcher, or curious hacker, now there’s clearer guidance and clearer money. If you’re a normal person, this should be a small comfort — a signal that someone’s paying attention to the things that could turn clever AI into careless harm.


Discover more from GadgetBond

Subscribe to get the latest posts sent to your email.

Most Popular

Claude Code adds multiplayer editing and public artifact sharing

Windows Search Box update prioritizes speed and simplicity

Microsoft Entra ID trashes text-code logins for good

The day the internet realized a list of links wasn’t enough

LG’s new commercial washers can clean and dry in just one hour

Also Read
ASUS ROG Raikiri II Pro PC controller placed on a gaming desk between a mechanical keyboard and dual monitors with purple RGB lighting. The controller features a built-in display, programmable buttons, and a charging dock, highlighting its premium gaming setup.

ASUS cracks the code on stick drift with the new ROG Raikiri II Pro

Promotional graphic for the MLS Season Pass on Apple TV featuring the slogan "IT'S GOOD TO BE BACK" in large white text on an orange background. The MLS and Apple TV logos appear in the top-left corner, while several soccer players in action—including one in a pink Inter Miami CF jersey, a goalkeeper in green, and players in black and blue kits—are shown on the right competing for the ball, highlighting the return of the MLS season.

MLS resumes on Apple TV after World Cup break

Illustration showing the Gmail logo above the text “Gmail in the Gemini era,” with the word “Gemini” highlighted in blue on a light gradient background.

Gmail rolls out custom prompting to help you perfect your tone

EA Sports Madden NFL 27 Arcade Edition key art featuring a quarterback in a Chicago Bears uniform preparing to throw a football, with the game logo displayed over a nighttime Chicago skyline.

EA’s new Madden NFL 27 Arcade Edition launches August 6

Samsung Bespoke AI washer and dryer lineup for 2026 installed beneath a modern staircase, featuring matching graphite-finish front-load appliances with AI displays, integrated shelving, and built-in ambient lighting in a contemporary home laundry space.

A look at Samsung’s sleek new Bespoke AI laundry lineup

Waze app displaying the new motorcycle mode with a Gemini AI-powered route recommendation, highlighting the fastest 19-minute route, alternate routes, and motorcycle-specific navigation options.

Waze finally adds a dedicated motorcycle mode

Perplexity Mac app displaying the new multiple account switcher, allowing users to quickly switch between accounts, add a new account, manage credits, and access settings from a single dropdown menu.

Perplexity adds multi-account support to the Mac app

Claude Code desktop app displaying its new in-app browser, with the AI assistant researching a checkout shipping flow while viewing a live website and analyzing best practices side by side.

Claude Code gets an in-app browser

Company Info
  • Homepage
  • Support my work
  • Latest stories
  • Company updates
  • GDB Recommends
  • Daily newsletters
  • About us
  • Contact us
  • Write for us
  • Editorial guidelines
Legal
  • Privacy Policy
  • Cookies Policy
  • Terms & Conditions
  • DMCA
  • Disclaimer
  • Accessibility Policy
  • Security Policy
  • Do Not Sell or Share My Personal Information
Socials
Follow US

Disclosure: We love the products we feature and hope you’ll love them too. If you purchase through a link on our site, we may receive compensation at no additional cost to you. Read our ethics statement. Please note that pricing and availability are subject to change.

Copyright © 2026 GadgetBond. All Rights Reserved. Use of this site constitutes acceptance of our Terms of Use and Privacy Policy | Do Not Sell/Share My Personal Information.