Cult of Mac

Security researcher scoops $100,000 bounty for helping squash Sign in with Apple bug



A security vulnerability in “Sign in with Apple” could have allowed hackers to fully take over user accounts accessed using the feature. Fortunately, the bug was spotted by India-based security researcher Bhavuk Jain.

In a blog post published over the weekend, Jain noted that he made Apple aware of the vulnerability back in April. It was subsequently fixed. Thanks to Apple’s bug bounty program, he was then paid $100,000 as a thank you from the Cupertino tech giant.

Apple offers up to $1.5 million to anyone who spots a software flaw



Spotted a vulnerability in Apple software, but not among Cupertino’s chosen developers tasked with seeking out bugs? No problem. As of today, Apple’s $1.5 million bug bounty program is available to everyone who wants to participate. Previously, it was only open to a select few.

The bug bounty means people can earn up to seven figures for finding weaknesses in Apple software. These could otherwise be exploited by nefarious hackers.

Apple might give hackers special iPhones to plug security problems



Apple has historically not been a company in favor of people jailbreaking its devices. So why would Cupertino give hackers special iPhones to help them find weaknesses in iOS? To patch those problems, of course!

According to a new report, Apple will announce plans this week at the Black Hat security conference in Las Vegas to hand out such devices to security researchers. Apple also will introduce a new Mac bug bounty program to reward anyone who finds security problems in macOS.