AMD Stiffs Researcher $10k Bug Bounty

Article excerpt

A security researcher discovered a critical flaw in AMD's processors and reported it through the company's bug bounty program, only to find AMD refused to pay the promised $10,000 reward. The vulnerability took 124 days for AMD to fix, during which time the researcher waited to see if they'd receive compensation for identifying the significant security issue. The dispute highlights tensions between major hardware manufacturers and the independent researchers who help secure their products, raising questions about how companies honor their own bounty commitments.