This is an automated archive made by the Lemmit Bot.
The original was posted on /r/jailbreak by /u/zuiaiqie on 2025-10-11 02:06:02+00:00.
I came across this news today and it’s got me thinking: with Apple cranking up their bug bounty payouts big time, it’s probably going to make it even harder for the community to get exploits shared. Hackers might just cash in instead of giving them away for jailbreaks. Here’s a quick bullet-point summary of the key changes to their Security Bounty program:
- Top Rewards Doubled: Maximum bounty jumps to $2 million for full exploit chains mimicking advanced spyware attacks (previously $1 million), with potential bonuses pushing totals over $5 million for Lockdown Mode bypasses or beta vulnerabilities.
- Specific Category Increases: Zero-click remote exploits now up to $2M (from $1M); one-click remote attacks to $1M (from $250K); wireless proximity exploits to $1M (from $250K); physical device access exploits to $500K (from $250K); app sandbox escapes to $500K (from $150K).
- New and Expanded Categories: Added rewards for one-click WebKit sandbox escapes ($300K), chaining to unsigned code execution ($1M), and exploits over any radio interfaces ($1M). Also, Gatekeeper bypass at $100K and unauthorized iCloud access at $1M.
- Eligibility and Bonuses: Introduced “Target Flags” for faster payouts on verifiable exploits across all Apple platforms. Bonuses for beta issues and Lockdown Mode. Even low-impact bugs now get a flat $1K plus credit.
- Effective Date and More: Changes kick in November 2025, with full details coming to their site. They’re also giving out 1,000 iPhone 17s to at-risk groups and expanding research devices.
Original link: https://security.apple.com/blog/apple-security-bounty-evolved/