Google will now pay up to $1.5 million to find Android and Chrome security flaws, says it ‘has greatly appreciated working with the research community’

Google raised rewards to $1.5 million. for top-level Android exploits, and prioritized risks beyond AI-detectable bugs
Chrome’s program now offers up to $250,000 for full chain browser exploitation, plus bonuses for Miracle Ptr bypass
The company paid DKK 17.1 million. USD to researchers in 2025, with lifetime payouts of over 81 million USD since 2010

Google is now offering up to a $1.5 million bounty to whoever can find the biggest, worst Android exploits — while “minor” exploits — those that can be found and reported on with AI — get a proportional downgrade.

Google engineers announced changes to the company’s Android and Chrome vulnerability reward programs, saying they will now reward up to $1.5 million to anyone who can persistently find a zero-click full-chain Pixel Titan M2 compromise. Those who find the same bug, without the persistence part, can expect up to $750,000 in rewards.

“We are revising our program scope to emphasize categories that represent the highest risk to our users,” Google said. “We’re also prioritizing categories that are increasingly challenging for automated AI tools to find to ensure we reward researchers for their unique skills and talents.”

The article continues below

Overhaul of the Chrome program

Going forward, the Android program will also be more focused on Linux kernel vulnerabilities in components maintained by Google, unless researchers can show that the flaws can be exploited on an Android device.

Chrome’s bounty program has also been given an overhaul. Google now provides up to $250,000 for full chain browser process exploitation on the latest operating systems and hardware, and up to a $250,128 bonus for a report that successfully exploits an allocation it believes is protected by Miracle Ptr.

Google’s bug bounty program paid out record amounts last year, Bleeping Computer reports. Apparently, it awarded $17.1 million to 747 researchers last year, up more than 40% year-over-year, hitting a record high.

In total, since the program began in 2010, Google has paid out more than $81 million, and expects the total for 2026 to be higher, despite reducing individual reward amounts.

Via Bleeping Computer

The best antivirus for all budgets

Google logo on black background next to text reading 'Click to follow TechRadar'

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds.

Must Read

Leave a Comment Cancel Reply