Hello Hackers,
🎺 As you may have heard, we partnered with NahamCon 2024 this year offering $50,000 in bonuses for the rest of the month of May 🥳!
In addition to the bonus table below, there is a scholarship program for one lucky hacker who submits a valid bug to our program during this time where NahamCon will pay for your entire trip to DEFCON in LAS VEGAS ✈!
Make sure to tag your submissions with "[NahamCon2024]” in the title so we know to consider you for any of the bonuses below.
| Bonus Name | Bonus Amount | # of bonuses | Notes |
|---|---|---|---|
| Critical Thinker | $10,000 | 1 | First valid Critical severity report |
| Aim High | $5,000 | 2 | First 2 valid High severity reports |
| Medium Submissions | $500 | 10 | First 10 valid Medium severity reports |
| Newcomer | $500 | 10 | First 10 "new to Yahoo" hackers' first valid report |
| Re-igniter | $500 | 5 | First 5 "back to Yahoo" hackers' first valid reports |
| Yahoo Mail | $2,500 | 1 | First valid medium or higher severity report on Yahoo Mail |
| Yahoo Finance | $2,500 | 1 | First valid medium or higher severity report on Yahoo Finance |
| Mobile App | $2,500 | 1 | First valid medium or higher severity report related to any Yahoo Mobile apps |
| Submission Multiplier | $1,000 | 5 | First 5 hackers to report 5 valid submissions |
| Submission Multiplier | $2,500 | 2 | First 2 hackers to report 5 or more valid High & Crits |
Re: Submission Multiplier Bonuses - We do encourage hackers to collaborate, but the credit for the report is counted only towards the reporters
To get in on more of the fun and updates, check out NahamSec's Discord
Hey Hackers!!
💸 100% Bonus. 💸 Bam. Yeah, we said it. It’s March Madness and apparently, we’ve gone crazy enough to double the base pay on any medium or higher severy reports on some of the top Yahoo properties through the end of March! We’ve got a $100k bonus pool up for grabs. Will you score a win?
Targets in Scope: Yahoo Search, Yahoo Finance, Yahoo Mail, Yahoo Homepages, Yahoo Games, AOL Homepages, Membership and Yahoo News
Start Date: 3/18/2024 11 AM ET
End Date: 3/31/2024 11:59 PM ET
Happy hacking!
The Yahoo Bug Bounty Team