Apple has decided to take its security rewards program to a new level. During the Hexacon 2025 global security conference, the company announced that it will double its maximum reward to $2 million, with the possibility of extra bonuses raising the final amount to more than $5 million. This move makes Apple one of the most generous companies when it comes to rewarding researchers who find vulnerabilities in its systems.
The highest reward of $2 million is reserved for those who discover highly complex exploit chains, similar to those used in spyware attacks. There are also special bonuses for researchers who manage to break the highly secure Lockdown Mode or find critical bugs in beta software. These rewards could push the total payout beyond $5 million.
Apple’s Move Raises the Bar for Competitors
With this decision, Apple sets itself apart from other major tech companies. For comparison, Google offers rewards of up to $1 million for flaws in its Titan M chip, while Meta and Microsoft’s programs have maximum payouts of $300,000 and $250,000, respectively. Apple also provides smaller prizes, such as $1 million for serious iCloud vulnerabilities or $100,000 for bypassing Gatekeeper protection in macOS.
Since 2020, Apple has paid more than $35 million to around 800 researchers. While these figures might seem high, for the company, it’s a profitable investment. It’s much cheaper to pay an expert to find a flaw than to risk someone with bad intentions exploiting the weakness. These high rewards also discourage researchers from selling vulnerabilities to malicious actors. Everyone benefits — especially users.
By offering such large bounties, Apple reinforces its image as a company that values security and user privacy. Encouraging ethical hackers to report bugs not only strengthens Apple’s ecosystem but also builds trust among users who rely on its devices every day.
