Unleash Your Inner Chrome Bug Hunter with CodeQL 🐞💪! Check out our latest blog post to learn about CodeQL, and how you can use this powerful tool to help you find security flaws in Chrome. bughunters.google.com/blog/508511148…

We're sending a HUGE thank you to our incredible community of bughunters ! 🙏 Your passion for finding vulnerabilities keeps our users safe 🔒 To show our appreciation, we awarded over $380,000 in bounties this week, including the largest reward ever given in Google VRP history!

❄️⛄️ Holiday swag special 🎁 Any December submission to the [Google, Cloud, Abuse, OSS, Mobile, Chrome Ext] VRP that is rewarded with $500 or more qualifies – choose from a treasure trove of swag, including new T-shirts and hoodies. bughunters.google.com/about/rules/67…

Celebrating 15 years of password hacking 💻 🔑, Swiss Army knives (and sometimes even chainsaws or swords) included! 😲 Discover how Google's security teams turn employee farewells into security tests. bughunters.google.com/blog/635526578…

Can you believe it's already been one year of generative AI bug bounties at Alphabet 🥳? Besides awarding over $50k for 140+ reports, we also received plenty of feedback (thanks 👏 !). Our blog post looks back and at where we're headed in the future. bughunters.google.com/blog/547418639…

📯 Announcing the top 20 Chrome VRP researchers for 2024: crbug.com/386306231 📯 Congratulations to everyone on the list! Many thanks and much gratitude to our entire Chrome VRP researcher community and helping us make Chrome Browser & Chromium more secure for all users! 🎊

linkedin.com/pulse/proud-da…

Introducing InternetCTF! 🤯 Earn up to $10,000 for finding RCE vulnerabilities in open-source software AND creating Tsunami plugin patches. Make the internet safer and get rewarded! 🤑 For details on the program, see our latest blog post: bughunters.google.com/blog/675213644…

🛡️Want to help make the open source world safer and earn up to $45k 💰? We've revamped our Patch Rewards Program, extending its scope and increasing rewards for security patches – with a particular focus on memory safety, including bonus multipliers! bughunters.google.com/blog/527306491…

❌ Eliminating almost all exploitable web vulnerabilities? This blog post covers how the Google security team implemented a high-assurance web framework to achieve this goal for its services, and what this framework's most important characteristics are. bughunters.google.com/blog/664431627…

Developers, tired of DOM XSS in your web applications? 😩 We were too. See how we refactored our code to solve Trusted Types violations in Gmail & AppSheet. Your guide to a safer web is here! bughunters.google.com/blog/585078655…

📢 📢 📢 Calling all vulnerability researchers interested in microcode! Check out our blog post covering EntrySign, the AMD Zen microcode signature validation vulnerability recently discovered by the Google Security team. bughunters.google.com/blog/542484235…

We're sharing the 2024 highlights of Google's vulnerability reward programs! Among other things, look out for significant reward increases 💰, new programs 🚀, and a thriving and impactful researcher community 🧑‍💻🧑‍💻🧑‍💻. security.googleblog.com/2025/03/vulner…

🔔 Android bug hunters, take note 📝! The Android VRP is now offering an extra $1,000 bonus reward to researchers who include an AutoRepro test with their vulnerability report – we're looking forward to your submissions! bughunters.google.com/blog/649696068…

🦀 Rustaceans, our Patch Rewards Program sponsored a YouTube video about "The promise of Rust" by fasterthanlime 🦀 Check it out here (ad for the PRP at 11:21): youtube.com/watch?v=zo6yZi…

☁️ Ever wondered how the Google Cloud VRP rewards security researchers? 💰🤔 Our latest podcast episode gives you the inside scoop! 🎙️ cloud.withgoogle.com/cloudsecurity/…