Virtual Event: Threat Detection & Incident Response Summit - Watch Now

SECURITYWEEK NETWORK:

ICS:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Artificial Intelligence

OpenAI Offering $100K Bounties for Critical Vulnerabilities

OpenAI has raised its maximum bug bounty payout to $100,000 (up from $20,000) for high-impact flaws in its infrastructure and products.
ChatGPT vulnerability

Artificial intelligence tech giant OpenAI has raised its maximum bug bounty payout to $100,000 (up from $20,000) as part of plans to outsource the discovery of critical, high-impact vulnerabilities in its infrastructure and products.

The new bounty program is part of a broader set of security initiatives from OpenAI that includes funding for security research projects, continuous adversarial red teaming, and engagements with open-source software communities.

In addition to the higher payouts for critical security findings, OpenAI said it will provide bonus promotions for qualifying reports during limited-time periods.

The company also announced an expansion of the Cybersecurity Grant Program that has already funded 28 research initiatives since its rollout in 2023.

OpenAI said the funded projects have addressed issues such as prompt injection, secure code generation, and the development of autonomous cybersecurity defenses. 

The program is now inviting hackers to propose projects on software patching, model privacy, threat detection and response, security integration, and resilience against sophisticated attacks. 

Advertisement. Scroll to continue reading.

OpenAI said the program is also introducing microgrants in the form of API credits to help researchers rapidly prototype creative security solutions.

In parallel, OpenAI said it is collaborating with experts from academic, government, and commercial labs to benchmark skills gaps and improve its models’ ability to identify and patch vulnerabilities. 

The company is also partnering with venture-backed startup SpecterOps to conduct continuous adversarial red teaming across corporate, cloud, and production environments.

The company said the simulated attacks are aimed at finding potential weaknesses before they can be exploited by malicious actors.  

Related: Can AI Early Warning Systems Reboot the Threat Intel Industry?

Related: ChatGPT Creator OpenAI Ready to Pay Hackers for Security Flaws

Related: Microsoft Catches APTs Using ChatGPT for Malware Scripting

Related: OpenAI Unveils Million-Dollar Cybersecurity Grant Program

Written By

Ryan Naraine is Editor-at-Large at SecurityWeek and host of the popular Security Conversations podcast series. He is a security community engagement expert who has built programs at major global brands, including Intel Corp., Bishop Fox and GReAT. Ryan is a founding-director of the Security Tinkerers non-profit, an advisor to early-stage entrepreneurs, and a regular speaker at security conferences around the world.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing for the latest cybersecurity threats, trends, and expert insights.

More from

Latest News

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Virtual Event: Threat Detection and Incident Response Summit
May 20, 2026

Delve into big-picture strategies to reduce attack surfaces, improve patch management, conduct post-incident forensics, and tools and tricks needed in a modern organization.

Register

Webinar: Third-Party Risk in Practice
June 4, 2026

Organizations are investing heavily in third-party risk management, but breaches, delays, and blind spots continue to persist. Join this live webinar as we examine the gap between how organizations think their third-party risk programs are performing and what’s actually happening in practice.

Register

People on the Move

Joe Chen has become Chief Technology Officer at Trellix.

Usercentrics has named Pawan Hegde as COO and Elena Ignatova as CPTO.

SecureAuth has named Mark van Oppen as Chief Revenue Officer.

More People On The Move

Expert Insights

Popular Topics

Security Community

Stay Intouch

About SecurityWeek

News Tips

Got a confidential news tip? We want to hear from you.

Submit Tip

Advertising

Reach a large audience of enterprise cybersecurity professionals

Contact Us

Daily Briefing Newsletter

Subscribe to the SecurityWeek Daily Briefing and get the latest content delivered to your inbox.

Copyright © 2026 SecurityWeek ®, a Wired Business Media Publication. All Rights Reserved.

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest cybersecurity news, threats, and expert insights. Unsubscribe at any time.