Security Affairs reports that zero-day vulnerability research hub and acquisition platform Crowdfense has increased its exploit acquisition program to provide up to $30 million in total rewards, while expanding its scope to cover security issues impacting enterprise software, messengers, and Wi-Fi/baseband.
Under the expanded program, iOS zero-day exploits will be worth $5 million to $7 million, while Android zero-days will command up to $5 million. On the other hand, Crowdfense will be giving bounties of $3 million to $5 million for zero-days impacting iMessage and WhatsApp, as well as rewards of up to $3.5 million and $3 million for Safari and Chrome zero-days, respectively.
"Payouts for full-chains or previously unreported, exclusive capabilities, range from USD 10,000 to USD 9 million per successful submission. Partial chains will be evaluated on a case-by-case basis and priced proportionally," said Crowdfense.
Such a development comes five years after the firm introduced its $10 million bug bounty program and Vulnerability Research Hub platform.
