Apple Officially Launches Public Bug Bounty Program Covering All Apple Software - MacRumors
Skip to Content

Apple Officially Launches Public Bug Bounty Program Covering All Apple Software

Apple today officially opened its bug bounty program to all security researchers, after the company announced the expansion plan at the Black Hat conference in Las Vegas earlier this year.

apple bug bounty image
Prior to now, Apple's bug bounty program was invitation-based and non-iOS devices were not included. As reported by ZDNet, from today any security researcher who locates bugs in iOS, macOS, tvOS, watchOS, or iCloud will be eligible to receive a cash payout for disclosing the vulnerability to Apple.

Apple has also increased the maximum size of the bounty from $200,000 per exploit to $1 million depending on the nature of the security flaw. A zero-click kernel code execution with persistence will earn the maximum amount.

Apple says it will add a 50 percent bonus on top of the standard payout for bugs found in beta software, which allows the company to nix the issue before the OS version goes public. It is also offering the same bonus for so-called "regression bugs" – these are bugs that Apple has patched in the past but which have been accidentally reintroduced in a later version of the software.

Apple has published more information on its website detailing the bug bounty program's rules, as well as a full breakdown of the rewards being offered to researchers based on the exploits they uncover.

When submitting reports, researchers must include a detailed description of the issue, an explanation of the state of the system when the exploit works, and enough information for Apple to reliably reproduce the issue.

Next year, Apple plans to provide vetted and trusted security researchers and hackers with "dev" iPhones, or special iPhones that provide deeper access to the underlying software and operating system that will make it easier for vulnerabilities to be discovered.

These iPhones are being provided as part of Apple's forthcoming iOS Security Research Device Program, which aims to encourage additional security researchers to disclose vulnerabilities, ultimately leading to more secure devices for consumers.

Popular Stories

iPhone 11 Pro Feature Green

Apple's A12 and A13 Chips Facing New Unpatchable Exploit

Thursday June 18, 2026 9:17 am PDT by
Security research firm Paradigm Shift today published details of a new BootROM vulnerability affecting Apple's A12 and A13 chips, along with a working proof-of-concept exploit named "usbliter8." The BootROM, or SecureROM, is the first code an iPhone runs when it powers on. Because it is baked directly into the chip at manufacture, any vulnerability found there cannot be fixed with a software ...
Apple TV Thumb 3

Everything Coming in the 2026 Apple TV 4K

Wednesday July 8, 2026 4:51 pm PDT by
The Apple TV 4K hasn't been updated since 2022, and it's due for a refresh. An update is planned for 2026, but Apple is likely going to wait to launch it after Siri AI launches in iOS 27. Design Apple TV design updates don't happen often, and that's not changing. The next Apple TV is going to have the same squircle shape as the current model, and it'll continue to be made from a black...
iphone 16 teal

'Siri AI' Lawsuit Update: Apple to Pay Owners of These iPhone Models

Thursday July 9, 2026 7:08 am PDT by
In May, Apple agreed to pay $250 million to settle a U.S. class action lawsuit over Siri AI's delayed launch, and eligible iPhone users could receive up to a $95 payout. This week, the California court overseeing the case held a hearing regarding preliminary approval of the settlement, but the judge has not yet issued a ruling. It will likely be at least a few more months before eligible...

Top Rated Comments

Justin Cymbal Avatar
86 months ago
Definitely incentivizes people to find vulnerabilities the legit way while also getting compensated

Huge increase of the maximum payout too! $200,000 to $1 million

I'm glad that Apple is finally doing this program...
Score: 21 Votes (Like | Disagree)
86 months ago
I got want all ready: Computer is buggy.
Reproductive steps: Install macOS Catalina.
Score: 10 Votes (Like | Disagree)
86 months ago
This is great news, sure it will cost a lot of money to run, but it will pay off in security and loyalty. It was always a mystery why only iOS devises were open for bounty. I suppose Apple wanted to finish Catalina first and prevent more exploits with stronger Catalina security features.
Score: 9 Votes (Like | Disagree)
dogslobber Avatar
86 months ago

Yeah great idea. Let’s put a billion Mac and iOS users at risk to satisfy your ridiculous and uninformed notion that security risks only occur due to laziness and lack of testing.
This is a pretty uneducated response.
Score: 8 Votes (Like | Disagree)
adrianlondon Avatar
86 months ago
Dear Apple,
MAIL!

*retires*
Score: 6 Votes (Like | Disagree)
Steve121178 Avatar
86 months ago
Should have happened years ago. I expect a lot of people are going to earn very well from this.
Score: 6 Votes (Like | Disagree)