Google Bugs: The search engine giant has introduced a new bug bounty programme in which it will pay up to $31,337 (approximately Rs. 25 lakh) to researchers who find security holes in its open source software. This expense is based on the significance of the project and the seriousness of any risk. The range of awards for this is from $100 to $31,337.
Google announced the beginning of its Open Source Software Vulnerability Rewards Program (OSS VRP), promising to repair numerous odd or particular vulnerabilities. User assistance is necessary for this. Thus, encouraging creativity will continue. One of the biggest donors to and users of open source in the world, Google is the steward of important projects including Golang, Angular, and Fuchsia.
Google discovered a 650 percent rise in attacks on open source supply chains over the previous year. Researchers can now receive rewards under Google's own risk reward programme (VRP) for discovering bugs that may have an impact on the broader open source ecosystem.
One of the first VRP programmes ever created, it will soon celebrate its 12th anniversary. Google stated that its $10 billion commitment to enhancing cybersecurity includes its OSS VRP. For both Google users and open source users globally, this will safeguard the supply chain against these kinds of attacks, ensuring that everyone may use it safely.