New post Need visibility? Apply for a FREE post for your Startup.  Apply Here

Big StoryHacksNews

Facebook offers $40k for JS vulnerabilities in bug bounty program.

1 Mins read

Facebook has expanded its bug reward program, offering up to $40,000 for critical vulnerabilities in its open source JavaScript engine.

The social media platform announced that it will increase payouts for bugs in JavaScript engine Hermes and its Spark AR platform.

Spark AR (augmented reality) is the platform used to build quirky and colorful effects within Facebook.
The statement reads:

“Given the popularity of AR effects across our products, we’d like to encourage our bug bounty community to look for bugs in Hermes and Spark AR,”.

“Native bug submissions have always been eligible under our bug bounty program, and to encourage further research into this area, we’ve decided to increase the payout amounts we award for verified bugs identified in Hermes.”

Facebook is also offering about $20,000 for any vulnerability that leaks sensitive information to an attacker.

This comes after a security researcher scored a big pay day for reporting several vulnerabilities that lead to server-side request forgery (SSRF).

The pen tester and application developer, who earned three rewards for two of four discoveries, has earned $30,000 after he discovered an internal blind SSRF in the source code of a publicly accessible endpoint, built using tools from MicroStrategy, that performed custom data collection and content generation.

Source: Harworth Jessica.

Don’t miss any tech news ever!

We don’t spam! Read our privacy policy for more info.

Related posts
News

Nigeria's SEC approves two crypto exchanges to operate in the country

1 Mins read
Following the exit of two giant crypto exchanges from Nigeria, the Securities and Exchange Commission (SEC) has granted provisional licenses to two…
News

Bolt suspends inter-country ride requests for users in Nigeria and South Africa

1 Mins read
Ride-hailing app Bolt has been forced to restrict inter-country ride requests between Nigeria and South Africa – following a bizarre social media-driven…
News

US-based Halliburton suffers cyber attack; shuts down systems

1 Mins read
Halliburton, a giant in the oil and gas sector, has become the latest victim of cyber attack. The attack, which came to…
Newsletter Subscription

🤞 Don’t miss any update!

We don’t spam! Read more in our privacy policy

Join our Telegram channel here - t.me/TechpadiAfrica

Leave a Reply