The Browser Company has launched a bug bounty program to enhance security for its Arc browser, also providing a new security bulletin for transparent communication.
Following a severe vulnerability discovered in the Arc Boosts feature, which allowed arbitrary code insertion, the company has implemented new safety measures and disabled Boosts with Javascript by default.
The bug, reported by researcher xyz3va, was escorted by a $2,000 reward that was increased to $20,000 as the new bug bounty program went live.
The new bounty program prioritizes security findings based on severity, allowing researchers to earn from $500 for low-severity issues to $20,000 for critical vulnerabilities.
Collection
[
|
...
]