Apple doubles its bug bounty payout to $2 million
Apple just made bug hunting a lot more rewarding, doubling its top Security Bounty payout to $2 million for exploit chains capable of achieving "mercenary spyware-level" attacks.
Starting November 2025, bonuses could push rewards past $5 million for hacks that beat Lockdown Mode or show up in beta software.
Since launching, Apple's program has paid out over $35 million to 800 researchers.
Other payouts have also jumped across the board
Payouts have jumped across the board: finding ways into iCloud or wireless proximity exploits that target any radio interface can now earn you $1 million.
One-click WebKit sandbox escapes score up to $300,000, and a full Gatekeeper bypass is worth $100,000.
Apple's also added Target Flags—making it easier (and faster) for researchers to prove their finds and get paid even before fixes roll out.
Apple is also giving away iPhone 17s
Apple isn't stopping at cash—it's giving away 1,000 iPhone 17s with its toughest memory safety tech to organizations supporting people at risk of spyware attacks.
The company says this move highlights its commitment to protecting users from advanced threats.
Full details on the new bounty program will be live on Apple's Security Research site this November.