Google AI Bounty Pays Up To $30K
October 8, 2025
Google is doubling down on AI safety — and it’s willing to pay big for it. Google’s AI bounty program pays bug hunters up to $30K for uncovering vulnerabilities that could make its AI products behave in risky or unintended ways.
The initiative, launched on Monday, aims to identify and fix “rogue actions” within Google’s growing suite of AI tools. These include potential exploits where an attacker might manipulate an AI model to perform harmful tasks — such as unlocking a smart home device or stealing sensitive user data.
What Counts As An AI Bug?
According to Google, an AI bug is any issue where a large language model or generative AI system can be manipulated to cause harm, misuse data, or bypass security controls. The most severe examples involve rogue actions, where an AI agent acts on unintended commands in ways that could compromise user safety or privacy.
One previously exposed flaw allowed hackers to use a poisoned Google Calendar event to open smart shutters and turn off lights. With this new bounty program, Google hopes to detect similar vulnerabilities before bad actors do.
Bug Hunters Are Already Cashing In
Over the past two years, researchers have earned more than $430,000 for finding AI-related flaws in Google’s ecosystem. But this new AI bounty program formalizes and expands that effort, creating clear definitions of what qualifies as a valid vulnerability.
The company clarified that simply making Gemini hallucinate doesn’t count. Content-related issues, such as AI generating hate speech or copyrighted material, should instead be reported through the built-in feedback channels. Those reports go to Google’s AI safety teams for long-term improvements and retraining.
CodeMender: AI That Fixes Security Bugs
Alongside the bounty announcement, Google introduced CodeMender, an AI-powered tool designed to automatically patch vulnerable code. The company reports that CodeMender has already been used to deliver 72 security fixes to open-source projects, each vetted by human researchers for quality and safety.
How Much Can You Earn?
Rewards depend on the product and severity of the bug. Rooting out rogue actions on flagship services like Search, Gemini Apps, Gmail, and Google Drive earns a base reward of $20,000, with bonuses for report quality and novelty that can boost payouts up to $30,000.
Lower-tier products, including Jules and NotebookLM, have smaller reward brackets, but Google says even minor findings can help improve the broader AI ecosystem’s resilience.
Why Google’s AI Bounty Program Matters
As AI becomes embedded in more of our daily tools, the risk of unexpected or malicious behavior rises. Google’s AI bounty program is not just a reward system — it’s part of a broader strategy to make AI safer, more transparent, and more reliable.
By incentivizing ethical hackers to uncover vulnerabilities early, Google strengthens its products and builds public trust in AI technology. For developers, it’s both a lucrative opportunity and a chance to shape the future of safe AI.
With Google’s AI bounty program paying bug hunters up to $30K, the company is setting a precedent for how Big Tech should approach AI security — proactively, transparently, and collaboratively. It’s a sign that the next frontier in cybersecurity isn’t just about code; it’s about teaching AI systems to stay within safe, ethical boundaries.