InfoSecBulletin Cybersecurity for mankind
OpenAI has increased its maximum bug bounty payout to $100,000, up from $20,000, to encourage the discovery of critical vulnerabilities in its systems and products.
The new bounty program is part of OpenAI’s broader security efforts, which also include funding research projects, ongoing adversarial testing, and collaboration with open-source software communities.
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
OpenAI will offer higher payouts for critical security findings and bonus promotions for qualifying reports during specific times.
The company announced an expansion of the Cybersecurity Grant Program, which has funded 28 research initiatives since its launch in 2023.
OpenAI stated that the funded projects have tackled issues like prompt injection, secure code generation, and creating autonomous cybersecurity defenses.
The program is now inviting hackers to suggest projects on software patching, model privacy, threat detection and response, security integration, and resilience against advanced attacks.
OpenAI is introducing microgrants in the form of API credits to help researchers quickly prototype innovative security solutions.
OpenAI is working with experts from academic, government, and commercial labs to assess skill gaps and enhance its models’ ability to identify and fix vulnerabilities.
The company is partnering with startup SpecterOps to provide ongoing adversarial red teaming for corporate, cloud, and production environments.
The company stated that the simulated attacks aim to identify weaknesses before malicious actors can take advantage of them.
