press Jul 24, 2025 · TechCrunch
AI slop and fake reports are coming for your bug bounty programs
TechCrunch published an article examining how AI-generated security reports are affecting bug bounty programs, with participants reporting challenges distinguishing legitimate findings from low-quality submissions. Casey Ellis discusses the impact of artificial intelligence on vulnerability disclosure workflows and the strain it places on security teams managing large volumes of submissions.
Source description — as published
"We're getting a lot of stuff that looks like gold, but it's actually just crap,” said the founder of one security testing firm. AI-generated security vulnerability reports are already having an effect on bug hunting, for better and worse.