Google Expands Bug Bounty Program to Target AI Threats
(Google Expands Bug Bounty Program to Include AI-Related Vulnerabilities)
MOUNTAIN VIEW, Calif. – Google announced a significant expansion to its Vulnerability Rewards Program (VRR) today. The update explicitly includes bugs found within artificial intelligence systems. This move addresses growing security concerns around AI technology.
The program now welcomes reports on AI-specific flaws. These include prompt injections, training data extraction issues, adversarial perturbations causing model misbehavior, and problems linked to AI “hallucinations” generating wrong outputs. Google wants researchers to find these weaknesses before malicious actors exploit them.
Google recognizes AI security is critical. The company believes proactive discovery strengthens its AI products. Fixing vulnerabilities early makes AI safer for everyone. This expansion covers generative AI models and other AI-powered applications within Google’s scope.
Researchers can submit findings through the existing VRP process. Google will assess each report based on impact and severity. Higher rewards are possible for the most critical AI vulnerabilities. Bounties start at several hundred dollars. They can reach tens of thousands for major discoveries.
(Google Expands Bug Bounty Program to Include AI-Related Vulnerabilities)
Security researchers are encouraged to participate. Finding and reporting AI flaws helps Google build more robust systems. The company states this initiative reflects its commitment to responsible AI development. Google aims to stay ahead of emerging threats in the fast-evolving AI landscape. The updated program rules provide specific details on eligible AI vulnerability types. Google hopes this attracts more experts to scrutinize its AI offerings. The expanded VRP is active immediately.