Google Launches $30K Bug Bounty for AI Security Risks

Google Introduces New AI Bug Bounty Program

On Monday, Google unveiled a specialized reward program aimed at identifying bugs in its AI products. The initiative provides a detailed list of qualifying bugs, highlighting specific instances of rogue actions the company seeks to address. Notable examples include a prompt that causes Google Home to unlock a door, and a data exfiltration prompt that compiles a summary of a user’s emails and sends it to an attacker.

This new program delineates what qualifies as an AI bug, categorizing them as security vulnerabilities that leverage large language models or generative AI systems to inflict harm or exploit security gaps. At the forefront of these threats are rogue actions that could modify user accounts or compromise data, causing unwanted disruptions. One previously reported flaw allowed malicious users to control smart shutters and lighting through a compromised Google Calendar event.

Over the past two years, bug hunters have already earned more than $430,000 following Google’s invitation for AI researchers to uncover potential misuse of AI features in its products.

However, merely inducing hallucinations in Google’s AI, Gemini, will not suffice for rewards. The company clarified that issues concerning content generated by its AI—such as hate speech or infringement of copyright—should be reported through the product’s built-in feedback channel. This approach allows Google’s AI safety teams to evaluate the model’s behavior and implement necessary long-term safety training measures.

In addition to the AI bug bounty program, Google also announced the launch of an AI agent named CodeMender. This tool is designed to address vulnerabilities in code and has already assisted in applying 72 security fixes to open-source projects, following verification by human researchers.

The program offers a prize of up to $20,000 for discovering rogue actions on Google’s key products, including Search, Gemini Apps, and essential Workspace applications such as Gmail and Drive. There are opportunities for multipliers based on report quality and a novelty bonus, potentially increasing total rewards to $30,000. However, the prize diminishes for vulnerabilities identified in other products, such as Jules or NotebookLM, and for lower-tier issues, including the theft of confidential model parameters.
