NextFin news, On Saturday, October 11, 2025, Apple Inc. announced that it has doubled the maximum payout for its bug bounty program to $2 million. This move is intended to encourage security researchers to identify and report critical vulnerabilities in Apple’s software and hardware products.
The bug bounty program, which rewards external security researchers for discovering security flaws, previously offered a maximum reward of $1 million. Apple’s decision to increase the top reward to $2 million reflects the company’s commitment to strengthening the security of its ecosystem amid growing cybersecurity threats.
The program covers a wide range of Apple products and services, including iOS, macOS, watchOS, and iPadOS, as well as hardware components. Researchers who find particularly severe vulnerabilities that could lead to unauthorized access or control over devices are eligible for the highest rewards.
In exceptional cases, Apple has indicated that rewards could reach up to $5 million, depending on the severity and impact of the discovered vulnerability. This tiered reward system is designed to motivate researchers to prioritize the most critical security issues.
Apple’s bug bounty program has been operational for several years and has become a key part of the company’s security strategy. By incentivizing external experts to help identify weaknesses, Apple aims to proactively address potential threats before they can be exploited by malicious actors.
The announcement was made through Apple’s official security portal and communicated to the cybersecurity community worldwide. Apple emphasized that the increased rewards are part of its ongoing efforts to maintain user trust and protect customer data.
Security experts have welcomed the increase, noting that higher rewards often lead to more thorough and innovative vulnerability research. Apple’s move aligns with similar initiatives by other major technology companies seeking to bolster their defenses through collaborative security efforts.
Apple’s bug bounty program requires researchers to follow strict reporting guidelines to ensure vulnerabilities are responsibly disclosed and addressed promptly. The company reviews each submission carefully and works closely with researchers to verify and patch the issues.
By doubling the maximum reward, Apple hopes to attract a broader range of security talent and enhance the overall security posture of its products, which are used by millions of people globally.
Explore more exclusive insights at nextfin.ai.