Hey hackers!

Thank you again for hunting on our program.

Following the previous program update, we have added one additional submission question regarding video proof-of-concepts. To ensure all necessary information is included in the report, videopocs are now mandatory. As a gentle reminder, you will need to tick a box saying you've added a videopoc to your report. This is in addition to the standard report format and all necessary in-writing details to reproduce the report; the videopoc does not replace the written portion of the report.

Happy hunting, and best of luck!

Hey hackers!

You've been submitting a tonne of reports. We really appreciate the interest you all have in the program. We've recently been looking at how we can make the experience better for you.

Therefore, we've updated the program a fair bit recently. First off, we have updated our rules of engagement a bit. This includes new formatting for reports; please follow this report format such that we can triage your reports as well as possible.

Secondly, we've recently seen a large increase of AI-generated or AI-assisted reports. This is totally fine, but we now also ask that you tick a box that says whether you used AI. This is a one-click change for each report.

Happy hunting, and best of luck!

Hey hackers!

Exciting news! We've expanded our bug bounty program to include all of our GitHub repositories for repository vulnerabilities - yes, all of them - so if you're into CI/CD hacking, this is your moment to shine! 💥

Our Database bug bounty program has now merged into this one, making things simpler with just one public program for you to explore.

Happy hunting and good luck!