Up to 1.5 million for extreme exploits: Google redefines its vulnerability rewards in the IA era

Google has reconfigured its vulnerability rewards programs forand, at the same time, adjust to the low payments for vulnerabilities whose detection has become trivial with artificial intelligence tools. The change redefines what is valued: the biggest cheques - up $1.5 million- are reserved for extreme operating scenarios, such as complete "zero-click" chains that compromise the Titan M2 security chip on Pixel phones and that also persist after reboot, while non-persistent variants remain at intermediate levels (up to $750,000).

In the browser field, Google has raised the rewards for full-chain browser process exploits in updated environments, with prizes of up to $250,000 and a specific additional bonus - $250,128 - if the researcher is able to violate assignments protected by MiraclePtr. But beyond the figures, the reform brings two operational changes that will mark the relationship between researchers and the program: in Chrome, Google requires concise reports with reproducible tests rather than extensive narrative analysis (which the IA can easily generate), and on Android attention is restricted to Linux kernel vulnerabilities in components maintained by Google or to demonstrably exploitable failures on real Android devices.

This reorientation responds to a double reality: on the one hand, automation and IA tools have made it possible to generate long technical descriptions and analysis with much less human effort, diluting the value of these reports; on the other, high impact vectors continue to require expertise, time and sophisticated physical or logical access, so Google seeks to recognize them with higher awards and prioritize them in its triage. Google explains these changes in its official blog, where it summarizes the philosophy and new rules of the program: Evolving the Android & Chrome VRPCs for the AI era. For those who want to consult the history of the initiative and its evolution, Google's reward program has been in place since 2010 and accumulates significant payments: the original entry and the programme page offer context and eligibility criteria.

What does this mean for the safety ecosystem? First, a clear incentive for research to be directed towards complex exploits or with real impact on devices, which will probably increase the technical quality of the vulnerabilities reported in the higher categories. Secondly, there is a risk of lower pay for failures that could previously be reported with extensive descriptions and are now discouraged: researchers with less resources or newcomers might choose to sell findings to grey markets rather than report them if payments fall below what is expected. Thirdly, the demand for concrete evidence will make the technical barrier to obtaining reward higher - not enough to describe a bug, it is necessary to demonstrate exploitability under real conditions - which in turn can accelerate the maturity of public concept tests.

For security teams and administrators, Google's restructuring brings practical signals: do not trust only long descriptions, prioritize automatic verification and patch reproducibility, and prepare correction flows that integrate IA-driven analysis tools to speed up resolutions. The strengthening of functions such as MiraclePtr underlines the importance of memory mitigation and additional layers of defence; it is therefore recommended to assess the compatibility with these technologies and to measure their effectiveness in controlled environments before they are deployed massively.

For researchers and bug hunters, the message is clear: focus efforts on technical evidence. Present executable concept tests, minimum capture and, where relevant, up-to-date hardware or OS demonstrations. Demonstrating persistence or exploitability in the real world will be crucial to aspire to maximum rewards. It is also appropriate to document the extent of the impact and to work with the patch teams to facilitate mediation, as Google has said that its own instrumentation and internal tools increasingly cover more and more of the work of analysis and generation of fixes.

Finally, from a policy and corporate responsibility perspective, these changes suggest that bug bounty programs will continue to adapt to the IA era: regulators and companies should consider frameworks that promote responsible disclosure, provide legal protection to researchers and encourage the publication of corrections rather than monetization in opaque markets. While Google reported a record year in payments - $17.1 million in 2025 - and a cumulative that exceeds $81 million since the launch of the program, the real success will be measured in how many of these vulnerabilities are shackled and how much risk for end-users is reduced.

In short, the reform of Google's reward program is a pragmatic response to the automation that the IA brings: more money for the difficult, more demand for evidence for the rest. For the sector, the decision requires adjusting priorities, improving triage automation and strengthening collaboration between researchers and suppliers to translate the economic incentive into safer software and less successful attacks.