The Fulu Foundation, a nonprofit that pays out bounties for removing user-hostile features, is hunting for a way to keep Ring cameras from sending data to Amazon--without breaking the hardware. Usually, when you see a feel-good story about finding a lost dog, you don't immediately react with fear and revulsion. But that was indeed the case in response to a Super Bowl commercial from Amazon-owned security camera company Ring. There's now a group offering to dole out a $10,000 bounty to wrest back control of the user data Ring controls. The ad showed off a new feature from Ring called Search Party.

Rather than offering a revolutionary new approach to gig work, RentAHuman is filled with bots that just want me to be another cog in the AI hype machine. I'm not above doing some gig work to make ends meet. In my life, I've worked snack food pop-ups in a grocery store, ran the cash register for random merch booths, and even hawked my own plasma at $35 per vial. So, when I saw RentAHuman, a new site where AI agents hire humans to perform physical work in the real world on behalf of the virtual bots, I was eager to see how these AI overlords would compare to my past experiences with the gig economy. Launched in early February, RentAHuman was developed by software engineer Alexander Liteplo and his cofounder, Patricia Tani.

New research details how Civitai lets users buy and sell tools to fine-tune deepfakes the company says are banned. Civitai--an online marketplace for buying and selling AI-generated content, backed by the venture capital firm Andreessen Horowitz--is letting users buy custom instruction files for generating celebrity deepfakes. Some of these files were specifically designed to make pornographic images banned by the site, a new analysis has found. The study, from researchers at Stanford and Indiana University, looked at people's requests for content on the site, called "bounties." The researchers found that between mid-2023 and the end of 2024, most bounties asked for animated content--but a significant portion were for deepfakes of real people, and 90% of these deepfake requests targeted women. The debate around deepfakes, as illustrated by the recent backlash to explicit images on the X-owned chatbot Grok, has revolved around what platforms should do to block such content.

Fulu sets repair bounties on consumer products that employ sneaky features that limit user control. Just this week, it awarded more than $10,000 to the person who hacked the Molekule air purifier. Companies tend to be rather picky about who gets to poke around inside their products. Manufacturers sometimes even take steps that prevent consumers from repairing their device when it breaks, or modifying it with third-party products. But those unsanctioned device modifications have become the raison d'être of a bounty program set up by a nonprofit called Fulu, or Freedom from Unethical Limitations on Users.

AI agents have the potential to significantly alter the cybersecurity landscape. Here, we introduce the first framework to capture offensive and defensive cyber-capabilities in evolving real-world systems. Instantiating this framework with BountyBench, we set up 25 systems with complex, real-world codebases. To capture the vulnerability lifecycle, we define three task types: Detect (detecting a new vulnerability), Exploit (exploiting a given vulnerability), and Patch (patching a given vulnerability). For Detect, we construct a new success indicator, which is general across vulnerability types and provides localized evaluation. We manually set up the environment for each system, including installing packages, setting up server(s), and hydrating database(s). We add 40 bug bounties, which are vulnerabilities with monetary awards from \$10 to \$30,485, covering 9 of the OWASP Top 10 Risks. To modulate task difficulty, we devise a new strategy based on information to guide detection, interpolating from identifying a zero day to exploiting a given vulnerability. We evaluate 10 agents: Claude Code, OpenAI Codex CLI with o3-high and o4-mini, and custom agents with o3-high, GPT-4.1, Gemini 2.5 Pro Preview, Claude 3.7 Sonnet Thinking, Qwen3 235B A22B, Llama 4 Maverick, and DeepSeek-R1. Given up to three attempts, the top-performing agents are Codex CLI: o3-high (12.5% on Detect, mapping to \$3,720; 90% on Patch, mapping to \$14,152), Custom Agent: Claude 3.7 Sonnet Thinking (67.5% on Exploit), and Codex CLI: o4-mini (90% on Patch, mapping to \$14,422). Codex CLI: o3-high, Codex CLI: o4-mini, and Claude Code are more capable at defense, achieving higher Patch scores of 90%, 90%, and 87.5%, compared to Exploit scores of 47.5%, 32.5%, and 57.5% respectively; while the custom agents are relatively balanced between offense and defense, achieving Exploit scores of 17.5-67.5% and Patch scores of 25-60%.

Current bias evaluation methods rarely engage with communities impacted by AI systems. Inspired by bug bounties, bias bounties have been proposed as a reward-based method that involves communities in AI bias detection by asking users of AI systems to report biases they encounter when interacting with such systems. In the absence of a state-of-the-art review, this survey aimed to identify and analyse existing AI bias bounty programmes and to present academic literature on bias bounties. Google, Google Scholar, PhilPapers, and IEEE Xplore were searched, and five bias bounty programmes, as well as five research publications, were identified. All bias bounties were organised by U.S.-based organisations as time-limited contests, with public participation in four programmes and prize pools ranging from 7,000 to 24,000 USD. The five research publications included a report on the application of bug bounties to algorithmic harms, an article addressing Twitter's bias bounty, a proposal for bias bounties as an institutional mechanism to increase AI scrutiny, a workshop discussing bias bounties from queer perspectives, and an algorithmic framework for bias bounties. We argue that reducing the technical requirements to enter bounty programmes is important to include those without coding experience. Given the limited adoption of bias bounties, future efforts should explore the transferability of the best practices from bug bounties and examine how such programmes can be designed to be sensitive to underrepresented groups while lowering adoption barriers for organisations.

Apple is willing to bet big on the safety of Apple Intelligence, so much that the tech giant has offered up to a 1 million bounty to anyone who can hack it. The company announced Thursday that it's inviting'all security researchers - or anyone with interest and a technical curiosity' to perform'their own independent verification of our claims.' The public has been challenged to test the security of'Private Cloud Compute,' the servers that will receive and process user requests for Apple Intelligence when the AI task is too complex for on-device processing. The system, according to Apple, features end-to-end encryption and immediately deletes a user's request once the task is fulfilled. There are different payouts for certain discoveries, but the 1 million goes to anyone who can run code on the system without being detected and accessing sensitive parts.

In August of 2024, 495 hackers generated evaluations in an open-ended bug bounty targeting the Open Language Model (OLMo) from The Allen Institute for AI. A vendor panel staffed by representatives of OLMo's safety program adjudicated changes to OLMo's documentation and awarded cash bounties to participants who successfully demonstrated a need for public disclosure clarifying the intent, capacities, and hazards of model deployment. This paper presents a collection of lessons learned, illustrative of flaw reporting best practices intended to reduce the likelihood of incidents and produce safer large language models (LLMs). These include best practices for safety reporting processes, their artifacts, and safety program staffing.

Civitai, an online marketplace for sharing AI models, just introduced a new feature called "bounties" to encourage its community to develop passable deepfakes of real people, as originally reported by 404 Media. Whoever concocts the best AI model gets a virtual currency called "Buzz" that users can buy with actual money. Many of the bounties posted to the site ask users to recreate the likeness of celebrities and social media influencers, most of them female. The reporting also calls out the lion's share of these results as "nonconsensual sexual images." This is the kind of thing that has been proliferating across the internet for years and years, but artificial intelligence allows for a more realistic end result.

Bias evaluation benchmarks and dataset and model documentation have emerged as central processes for assessing the biases and harms of artificial intelligence (AI) systems. However, these auditing processes have been criticized for their failure to integrate the knowledge of marginalized communities and consider the power dynamics between auditors and the communities. Consequently, modes of bias evaluation have been proposed that engage impacted communities in identifying and assessing the harms of AI systems (e.g., bias bounties). Even so, asking what marginalized communities want from such auditing processes has been neglected. In this paper, we ask queer communities for their positions on, and desires from, auditing processes. To this end, we organized a participatory workshop to critique and redesign bias bounties from queer perspectives. We found that when given space, the scope of feedback from workshop participants goes far beyond what bias bounties afford, with participants questioning the ownership, incentives, and efficacy of bounties. We conclude by advocating for community ownership of bounties and complementing bounties with participatory processes (e.g., co-creation).