bug bounty programs Archives

AppWizard

May 23, 2025

This Is The Best Crypto Mining App For Android In 2025

BlockDAG X1 is a mobile-first crypto mining app for Android that allows users to mine up to 20 BDAG coins daily using a Proof-of-Engagement (PoE) algorithm, which minimizes battery usage. The app has a size of 50 MB and is designed for easy download and use without requiring technical expertise. It has a community of over 200,000 active miners and a presale that has raised over 8 million. Key features include energy efficiency, rigorous security measures, ecosystem integration, and a user-friendly interface. BlockDAG X1 has received mixed reviews, with some users praising its community and growth potential while others express skepticism about its quality and presale model. As of 2025, the app has undergone significant updates, with over 19.3 billion coins sold and anticipated exchange listings. Users are advised to conduct thorough research and be cautious of market volatility and potential scams in cryptocurrency mining.

Winsage

March 15, 2025

Microsoft Pays Hackers $16.6 Million—But Windows Zero Days Continue

Microsoft's bug bounty program, established in 2013, has paid over million to ethical hackers for identifying vulnerabilities in its products. In the latest reporting period, Microsoft allocated .6 million to reward these contributions. External security researchers, referred to as hackers, are compensated through this program, which promotes coordinated vulnerability disclosure. A zero-day attack occurs when a vulnerability is known to the vendor but not yet patched, creating a risk for exploitation. While ethical hackers help reduce zero-day threats, some individuals exploit vulnerabilities for profit, highlighting that bug bounty programs cannot fully eliminate these risks.

AppWizard

August 19, 2024

Google Play will no longer pay to discover vulnerabilities in popular Android apps

Google is winding down the Google Play Security Reward Program (GPSRP), effective August 31st, due to a decrease in actionable vulnerabilities reported by the security research community. The program, launched in late 2017, incentivized researchers to disclose vulnerabilities in popular Android applications, initially focusing on a limited number of developers and later expanding to all apps on the Google Play Store with at least 100 million installations. Maximum rewards were increased over time, reaching up to 0,000 for remote code execution vulnerabilities. The program contributed to enhanced security on the Play Store, helping over 300,000 developers fix more than one million apps by 2019. Google cited overall improvements in the security landscape of Android as the reason for discontinuing the program. Reports submitted before the end date will be triaged by September 15th, with final reward decisions made by September 30th.

AppWizard

August 19, 2024

Google Play ends rewards for Android app bug hunters

Google is set to conclude the Google Play Security Reward Program (GPSRP) on August 31, due to a decline in actionable vulnerabilities being reported, which Google attributes to improvements in Android OS security. The GPSRP, launched in October 2017, incentivized researchers to identify vulnerabilities in popular Android applications on the Google Play Store, expanding over time to include all apps with at least 100 million installations. Through the program, developers earned money for finding security flaws, and it helped over 300,000 developers fix more than 1,000,000 applications, reducing the number of risky apps. The closure of the GPSRP raises concerns about the motivation for security experts to report vulnerabilities responsibly, particularly for apps from companies with weaker bug report management systems.