Apple announces ‘major evolution’ of its Security Bounty program: $2 million top award, more – 9to5Mac

Apple Doubles Security Bounty to $2M, Targets Spyware Threats


Apple’s Enhanced Security Bounty Program

Apple has unveiled what it calls a “major evolution” of its Apple Security Bounty program, significantly increasing rewards for security researchers who identify vulnerabilities. The company revealed the program has already distributed over $35 million to more than 800 researchers worldwide.

Record-Breaking Rewards

The most notable change doubles the maximum bounty to $2 million for “exploit chains that can achieve similar goals as sophisticated mercenary spyware attacks.” Apple describes this as “an unprecedented amount in the industry and the largest payout offered by any bounty program we’re aware of.”

The enhanced program includes a bonus system that could more than double this reward, with potential payouts exceeding $5 million for Lockdown Mode bypasses and vulnerabilities found in beta software.

Expanded Coverage Areas

Apple is significantly increasing rewards across multiple categories, including:

  • $100,000 for complete Gatekeeper bypass
  • $1 million for broad unauthorized iCloud access
  • Up to $300,000 for one-click WebKit sandbox escapes
  • Up to $1 million for wireless proximity exploits over any radio

New Target Flags System

The company introduced Target Flags, a new method for researchers to demonstrate exploitability for top bounty categories including remote code execution and Transparency, Consent, and Control (TCC) bypasses. Researchers submitting reports with Target Flags will qualify for accelerated awards processed immediately after verification.

Civil Society Initiative

In a separate initiative, Apple plans to provide a thousand iPhone 17 devices with Memory Integrity Enforcement to civil society organizations for distribution to at-risk users. This follows Apple’s 2022 $10 million cybersecurity grant supporting organizations investigating targeted mercenary spyware attacks.

These updates will take effect in November 2025, when Apple will publish the full breakdown of new categories, rewards, and bonuses on the Apple Security Research site.
