Curl ending bug bounty program after flood of AI slop reports (www.bleepingcomputer.com)

submitted 2 weeks ago by BrikoX@lemmy.zip to c/opensource@programming.dev

2 comments fedilink hide all child comments

The developer of the popular curl command-line utility and library announced that the project will end its HackerOne security bug bounty program at the end of this month, after being overwhelmed by low-quality AI-generated vulnerability reports.

you are viewing a single comment's thread
view the rest of the comments

[-] Ephera@lemmy.ml 5 points 2 weeks ago

Yeah, expected this to happen sooner or later. If it takes close to 0 effort to generate something that people believe might earn them some money, then of course, they're going to do it in droves.

this post was submitted on 23 Jan 2026

70 points (98.6% liked)

Opensource

5503 readers

120 users here now

A community for discussion about open source software! Ask questions, share knowledge, share news, or post interesting stuff related to it!

Credits

Icon base by Lorc under CC BY 3.0 with modifications to add a gradient

⠀

founded 2 years ago

MODERATORS

pylapp@programming.dev