The cheque book of Google is open to security researchers on a large scale, having rolled out a standalone bug bounty programme focusing specifically on vulnerabilities related to artificial intelligence. The tech megagrid is offering bounties of as much as $30,000 for individuals who find severe security bugs affecting its AI systems.
The program is an indication of a sea change in how companies are thinking about protection against AI dangers. Google’s been running vulnerability award programs for a long time, but it’s never before constructed one for AI-specific threats. It’s not hard to see why that type of threat does not even remotely behave like a classical software defect.
Google Invites Ethical Hackers to Hunt for “Rogue Actions” in AI Products
The firm is inviting ethical hackers to search for what it uniquely refers to as “rogue actions”, those unexpected events when an AI does something it definitely shouldn’t. Envision instances where attackers might be able to trick Google Home into opening intelligent doors without authority, or fool Gmail into sending a summary of a person’s private mail to an unknown third party.
These are not speculative concerns. As an increasing number of consumer products are infused with AI, exploitation potential grows as well. Google hopes to pre-identify threats by discovering those vulnerabilities prior to their being utilized to attack people on a large real-world scale.
It evaluates a wide range of Google’s AI-powered products, from Search to Gemini apps, Gmail, Drive, NotebookLM, and even Jules, Google’s experimental AI assistant. Short of asking if it’s running under the hood, it’s got AI, and Google wants to test it.

But Google has placed some clear limits on what is a reportable vulnerability. Just getting an AI model like Gemini to hallucinate or give it incorrect information is not a bug. And if it creates problematic material, hate speech, misinformation, or copyrighted work that should go through a product’s built-in feedback mechanisms, not the bounty program.
Google Launches AI Bug Bounty Program and Reveals CodeMender AI Security Agent
Google explains it’s a difference that matters because content-related bugs enable its AI safety teams to retrain and fine-tune models, whereas security bugs demand speedy technical patches. The two issues require differing solutions.
To researchers inclined to dig deep, there are huge payoffs financially. The first-level awards reach as high as $20,000 for bugs in Google’s leading products. However, if your report is extraordinarily well-documented, demonstrates outstanding originality, or uncovers something remarkably dangerous, you are eligible for bonus payments, bringing your total to $30,000.
Even researchers who find flaws in less prominent tools won’t walk away empty-handed. Lower-tier rewards are still on the table for vulnerabilities in products like NotebookLM or Jules, though Google hasn’t specified exact amounts for these findings.
The company isn’t new to paying security researchers for their work. According to Google, ethical hackers have already pocketed more than $430,000 over the past two years by reporting AI-related security risks, and that was before this official program even existed. This new initiative simply formalizes the process and makes the rewards more transparent.
As part of announcing its bug bounty, Google also released a curious new development of its own: CodeMender, an AI agent aimed at scanning and fixing security holes automatically for open-source software. It’s Google’s wager that AI is part of a solution, not a source of new threats, for securing technology.
CodeMender has also delivered, having helped to repair over 70 verified security vulnerabilities, each of which a human expert thoroughly vetted before release. As Google reports, automatic security assistance of this kind may become even more necessary as codebases keep growing and getting larger and more complex.
Google’s Bug Bounty Signals AI’s Rise and Security’s New Front
Google’s new dedicated AI bug bounty effort is a sign of a larger trend: artificial intelligence is no longer science fiction. It’s built into software used by millions of individuals each day from email clients to home automation systems. As AI functionality grows, so too does the potential for hostile agents to turn it against its builders.
In requesting the global security research community to probe its systems, Google is effectively crowdsourcing its defense planning. It’s a reference to a reality no company, however large, can anticipate all possible vulnerabilities by itself.
For researchers, it’s an opportunity to make meaningful money while contributing to safer AI systems. For users, it’s a sign that at least some tech companies are taking AI security seriously enough to pay for it.




