Redazione RHC : 3 October 2025 16:12
Vulnerability bounty platform HackerOne reported that white hat hackers worldwide received $81 million in compensation over the past 12 months. According to the company, this represents a 13% increase over the previous year.
Today, HackerOne manages over 1,950 bug bounty programs and provides vulnerability disclosure, penetration testing, and code security auditing services. Its clients include Anthropic, Crypto.com, General Motors, GitHub, Goldman Sachs, Uber, and government agencies, including the U.S. Department of Defense.
On average, active programs pay researchers about $42,000 annually . The top 100 programs on the platform alone paid out a total of $51 million between July 2024 and June 2025. The top ten programs paid out $21.6 million of the total.
Researchers are also seeing earnings growth: the top 100 bug hunters collectively earn $31.8 million. More and more specialists are earning six-figure annual salaries.
HackerOne emphasizes that the sharp increase in compensation payments is due to the rapid development of AI-related vulnerabilities . Over the past year, the number of such reports has grown by over 200%, while “injection prompt” cases have increased by 540%, making them the fastest-growing threat class in the AI industry.
At the same time, there’s a decline in classic categories: XSS and SQL injection are becoming less common. However, authorization errors, including incorrect access control and IDOR (direct insecure object reference), are showing a significant increase.
According to the report, in 2025, HackerOne counted 1,121 programs that included AI technologies in its searches. This represents a 270% increase over the previous year. Furthermore, over 560 reports submitted by autonomous AI agents were validated.
The company emphasizes that the use of artificial intelligence tools is becoming an integral part of researchers’ workflows . Of the 1,820 specialists surveyed, 70% admitted using such solutions to improve the efficiency of vulnerability detection.
“AI vulnerabilities have increased more than 200% year over year, and enterprise mitigation initiatives are growing three times faster than last year,” said Kara Sprague, CEO of HackerOne.
She says a new generation of so-called “bionic hackers,” who use artificial intelligence to enhance their skills, is capable of identifying vulnerabilities on an unprecedented scale.
Redazione