Scrape Timestamp (UTC): 2025-10-10 16:51:22.158
Apple now offers $2 million for zero-click RCE vulnerabilities. Apple is announcing a major expansion and redesign of its bug bounty program, doubling maximum payouts, adding new research categories, and introducing a more transparent reward structure.

Since the program launched in 2020, Apple has awarded $35 million to 800 security researchers, paying $500,000 for some of the submitted reports.

The highest reward has been doubled to $2 million for reporting vulnerabilities that can lead to zero-click (no user interaction) remote compromise, similar to mercenary spyware attacks. However, payouts can go as high as $5 million through the bonus system.

“This is an unprecedented amount in the industry and the largest payout offered by any bounty program we’re aware of - and our bonus system, providing additional rewards for Lockdown Mode bypasses and vulnerabilities discovered in beta software, can more than double this reward, with a maximum payout in excess of $5 million,” said Apple.

Other payouts increased or introduced under the new program scheme include:

Apple comments that it has never received a report demonstrating a complete Gatekeeper bypass with no user interaction or broad unauthorized iCloud access, so these two are high-challenge targets for bug bounty hunters.

Additionally, Apple said that it has “never observed a real-world, zero-click attack executed purely through wireless proximity,” referring to the $1M ‘Wireless Proximity’ award, raised from $250,000 previously. This category is also being expanded and now includes Apple-developed chips such as the C1 and C1X modems and the N1 wireless chip.

For 2026, Apple plans to distribute a thousand secured iPhone 17 devices to members of civil society organizations at higher risk of being targeted by mercenary spyware. The same devices will power Apple’s Security Research Device Program next year, which security researchers can apply for by October 31.
The tech giant expects the increased awards to further disrupt the development of sophisticated attack chains by spyware vendors, as researchers will have more incentive to find and report security issues. To protect its users from sophisticated spyware attacks, Apple has implemented advanced protections in iOS such as Lockdown Mode and Memory Integrity Enforcement, which make developing and carrying out stealthy spyware attacks more expensive.
Daily Brief Summary
Apple has revamped its bug bounty program, significantly increasing rewards to a maximum of $5 million, aiming to attract more security researchers to identify critical vulnerabilities.
The highest reward of $2 million is designated for zero-click remote code execution vulnerabilities, which require no user interaction and are similar to mercenary spyware attacks.
New categories and increased payouts include challenges like bypassing Gatekeeper without user interaction and unauthorized iCloud access, which Apple notes have not yet been reported.
The program now includes vulnerabilities in Apple-developed chips, with the wireless proximity award increasing from $250,000 to $1 million, reflecting a focus on hardware security.
Apple plans to distribute 1,000 secured iPhone 17 devices in 2026 to high-risk civil society organizations, enhancing protection against sophisticated spyware threats.
Advanced security measures such as Lockdown Mode and Memory Integrity Enforcement in iOS aim to make spyware attacks more costly and difficult to execute.
The initiative is expected to deter the development of complex attack chains by offering substantial financial incentives for vulnerability reporting, potentially reducing the prevalence of spyware.