Six hackers in total have each now pocketed more than $1 million from finding vulnerabilities in bug-bounty programs including one from the U.S. That figure comes as more programs bump up rewards due to more high-severity vulnerabilities being found, HackerOne report says. Overall, bounty hunters have earned $12 million over the past 12 months for finding vulnerabilities. The average bounty paid for critical vulnerabilities increased 48 percent over last year s average across all industries, from $2,281 to $3,384.
Source: https://threatpost.com/six-hackers-1m-bug-bounty-programs/147868/