Apple slashes Mac bug bounties, security pros fume

Apple just tanked its macOS security bounty payouts right when Mac malware is getting worse. Csaba Fitzl from Iru called them out on LinkedIn for cutting rewards by half to 83 percent across different categories. Full TCC bypasses that let sketchy apps grab your personal data without permission dropped from around 30k to just five grand.

Sandbox escape bugs got chopped in half to five thousand bucks, and certain TCC data vulnerabilities only pull a thousand dollars these days. The company has built up solid defenses like Lockdown Mode and memory protection on newer chips, but slashing researcher payouts seems backwards when threats keep climbing.
 
