Apple has announced a major overhaul to its bug bounty program that doubles the maximum reward to $2 million for exploit chains that can match the sophistication of mercenary spyware attacks.
With bonuses for bypassing Lockdown Mode and for vulnerabilities found in beta software, Apple says total payouts could exceed $5 million. The company claims this represents “the largest payout offered by any rewards program.”
The program now places greater emphasis on entire exploit chains rather than individual vulnerabilities, reflecting the reality that real-world attacks typically chain together multiple bugs. Rewards for remote entry vectors have also increased substantially, although categories not commonly seen in real attacks will receive lower payouts.
As part of the overhaul, Apple is introducing “Target Flags,” which are inspired by capture-the-flag games. When a researcher successfully exploits a vulnerability, they can capture a specific indicator that demonstrates exactly what level of access was achieved, such as code execution or arbitrary read/write capabilities.
These flags can be verified by Apple, so researchers who submit reports using them receive notification of their reward as soon as Apple validates the captured flag. Payment is then issued in the next payment cycle, so researchers no longer have to wait for Apple to ship a software fix, which can take months. Previously, researchers often had to wait for Apple to fix a vulnerability before receiving payment.
The updated program will take effect starting in November 2025. Apple is also expanding the categories to include one-click WebKit sandbox escapes worth up to $300,000 and wireless proximity exploits on any radio worth up to $1 million. A complete bypass of Gatekeeper on macOS now nets $100,000.
More information about the changes can be found on the Apple Security Research website. Apple says it has paid more than $35 million to more than 800 researchers since launching the public program in 2020.