ADVERTISEMENT

Hacker One extends safe harbor protections to AI research, cURL scraps bug bounties

AI is impacting bug bounties at both ends of the pipeline as Hacker One launches a legal safe-harbor framework for researchers, while open-source project cURL says it is scraping bounty payouts to curb a surge of low-quality AI-generated reports.

What is ethical hacking
Ann-Marie Corvin
Ann-Marie Corvin Senior Journalist
Jan 21, 2026 Updated: 21 January 2026 2 min read
Jurgita Lapienyte justinasv Izabele Pukenaite vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News
Add us as your Preferred Source on Google.
ethicalhacker
Hacker One hopes new framework for AI testing will protect ethical hackers from legal grey area. Image: Shutterstock
ADVERTISEMENT

Why cURL is stopping bounty payouts

“The real incentive for finding a vulnerability in cURL is the fame ('brand is priceless'), not the hundred or a few thousand dollars. $10,000 (maximum cURL bounty) is not a lot of money in the grand scheme of things, for somebody capable of finding a critical vulnerability in curl.”
Bug hunter Joshua Rogers.

ADVERTISEMENT