Socket

AI-generated fake vulnerability reports, known as 'AI slop,' are increasingly polluting bug bounty platforms, wasting maintainers' time and straining trust in vulnerability disclosure programs. Without sufficient expertise, under-resourced organizations often approve and pay for such reports to avoid public fallout. This trend risks alienating genuine researchers and undermining the entire bug bounty model, as platforms struggle to adapt to these deceptive practices.

AI Slop Is Polluting Bug Bounty Platforms with Fake Vulnerab...

A squad for all things pentesting, web, APIs, infrastructure and networks mainly but also some social engineering, mobile, cloud, DevOps and WiFi pentesting too.