OpenAI Offering Up to $100,000 for Critical Vulnerabilities in its Infrastructure

OpenAI has dramatically increased its maximum bug bounty reward to $100,000 for exceptional critical security vulnerabilities, up from the previous cap of $20,000. 

This fivefold increase highlights the AI leader’s growing emphasis on cybersecurity as its models advance toward artificial general intelligence (AGI) and its user base expands to over 400 million weekly active users across businesses, enterprises, and governments worldwide.

Bug Bounty Program Expansion

OpenAI’s enhanced Security Bug Bounty Program now offers substantially higher rewards to security researchers who responsibly identify and report significant vulnerabilities in the company’s infrastructure and products. 

The program aims to incentivize the discovery of sophisticated security flaws that could potentially compromise OpenAI’s systems.

“Security threats evolve constantly and as we get closer to AGI, we expect our adversaries to become more tenacious, numerous and persistent,” the company stated in its announcement.

To celebrate the expansion, OpenAI is launching limited-time promotional periods with additional bounty bonuses for qualifying reports within specific vulnerability categories.

Each promotion comes with clearly defined eligibility criteria and timelines accessible on the company’s Bug Bounty Program page.

Launched two years ago, this program has already funded 28 research initiatives, providing valuable insights into areas such as prompt injection, secure code generation, and autonomous cybersecurity defenses. 

The program is now accepting proposals for a wider range of projects, focusing on critical areas like:

• Software Patching: Leveraging AI to detect and patch vulnerabilities efficiently.
• Model Privacy: Enhancing robustness against unintended exposure of private training data.
• Detection and Response: Improving capabilities against advanced persistent threats.
• Security Integration: Boosting accuracy and reliability of AI integration with security tools.
• Agentic Security: Increasing resilience in AI agents against sophisticated attacks.

To facilitate rapid prototyping of innovative ideas, OpenAI is introducing microgrants in the form of API credits.

These microgrants will enable researchers to quickly test and refine their concepts, fostering a more agile and responsive cybersecurity ecosystem.

The bounty increase comes alongside several other security enhancements at OpenAI.

The company has partnered with SpecterOps to conduct continuous adversarial red teaming exercises that simulate sophisticated attacks across corporate, cloud, and production environments.

OpenAI is also leveraging its own AI technology to develop security agents that enhance threat detection capabilities and enable rapid response to evolving adversarial tactics. 

These AI-driven defenses supplement conventional security measures while providing more precise and actionable intelligence to counter sophisticated cyberattacks.

“At OpenAI, security is a deep-rooted commitment that strengthens as our models and products advance,” the company emphasized.

As OpenAI continues developing next-generation AI projects, including infrastructure initiatives like Stargate, security considerations are being integrated from the ground up. 

For security researchers and engineers interested in these initiatives, OpenAI is actively recruiting talent to expand its security program across multiple dimensions.

This substantial bounty increase signals OpenAI’s recognition that as its AI systems become more powerful and widely deployed, the security stakes continue to rise, requiring proportionally stronger investments in identifying and addressing potential vulnerabilities before they can be exploited.

Investigate Real-World Malicious Links & Phishing Attacks With Threat Intelligence Lookup - Try for Free

The post OpenAI Offering Up to $100,000 for Critical Vulnerabilities in its Infrastructure appeared first on Cyber Security News.