Bug bounty businesses bombarded with AI slop
Summary
Ars Technica (via Financial Times) reports that bug bounty programs are being flooded by low-quality, AI-generated submissions, forcing some programs to pause. Reported examples include Bugcrowd seeing a fourfold surge in reports over three weeks, Curl suspending its bug bounty program due to an explosion of AI slop, and industry voices noting that AI lowers entry barriers while enabling automated triage challenges. The piece also covers responses such as stronger validation, AI-assisted triage tools, and the view that AI will augment rather than replace human researchers, with Mythos from Anthropic mentioned as part of the evolving landscape.