Skip to main content

Google will pay you $100K if you can pull off the ultimate Chrome hack

Google has doubled the top reward in its bug bounty program for Chrome from $50,000 to $100,000 in the hopes of encouraging more white hat hackers to collaborate on patching bugs and vulnerabilities.

The Chrome Reward Program, which was launched six years ago, invites hackers to try and compromise the security of Chrome devices and Chrome OS.

Recommended Videos

This latest $100,000 update applies only to the “persistent compromise” of a Chromebook in guest mode. The challenge has so far had no winners but, according to Google, “great research deserves great awards” and it’s hopeful that the hefty reward money will encourage greater research into Chromebook security.

Google has also added a brand new reward for anyone that can compromise Chrome’s Safe Browsing download protection features. This pays a baseline reward of $500.

Google has been pretty open with its bug bounty program over the years. In 2015, it paid out more than $2 million to security researchers that had discovered and disclosed vulnerabilities in various Google services, and more than $6 million since 2010.

The company runs a couple of different bug bounties such as a program for Android that pays up to $8,000 for a critical flaw or its wider security disclosure program for sites and services like Google.com, YouTube, and Blogger that pays up to $20,000.

Bug bounties are a popular way for tech companies to solicit help from the hacker and security communities on dangerous flaws and vulnerabilities that may have gone under the radar. By paying out some generous fees, the companies can encourage hackers to privately disclose bugs rather than exploit them or even sell them on the dark web.

The method seems to be catching on. Facebook recently paid out $15,000 over a serious bug that left everyone’s profile vulnerable. The Department of Defense has launched its own bug bounty program, Hack the Pentagon, to put its own website to the test.

Jonathan Keane
Jonathan is a freelance technology journalist living in Dublin, Ireland. He's previously written for publications and sites…
Google’s AI agent ‘Big Sleep’ just stopped a cyberattack before it started
Sundar Pichai

Google's AI agent, dubbed Big Sleep, has achieved a cybersecurity milestone by detecting and blocking an imminent exploit in the wild—marking the first time an AI has proactively foiled a cyber threat. Developed by Google DeepMind and Project Zero, Big Sleep identified a critical vulnerability in SQLite (CVE-2025-6965), an open-source database engine, that was on the verge of being exploited by malicious actors, allowing Google to patch it before damage occurred. “We believe this is the first time an AI agent has been used to directly foil efforts to exploit a vulnerability in the wild,” the company said.

Why it matters: As cyberattacks surge—costing businesses trillions annually—this breakthrough shifts defense from reactive patching to AI-driven prediction and prevention. It gives security teams a powerful new tool to stay ahead of hackers, potentially saving devices and data worldwide. CEO Sundar Pichai called it "a first for an AI agent—definitely not the last" according to Live Mint.

Read more
Google confirms merging Chrome OS and Android into one platform
Google Chrome app on s8 screen.

Why it matters: Google's push to blend Chrome OS and Android could supercharge affordable laptops like Chromebooks, making them more versatile for work and play. This move echoes Apple's seamless ecosystem across iPadOS and macOS, potentially shaking up the PC market where Windows dominates but innovation lags.

What's happening: In a bombshell interview, Google's Android ecosystem president Sameer Samat outright confirmed the company is "combining Chrome OS and Android into a single platform. This follows months of rumors and aligns with Android 16's new desktop-friendly features, like proper windowing and external display support. But then Samat later clarified on X that it's not a full-on merger killing Chrome OS; instead, it's about weaving Android's tech stack deeper into Chrome for better app compatibility and hardware efficiency.

Read more
WeTransfer backlash highlights need for smarter AI practices
A pair of hands using a keyboard on a laptop.

A recent update to WeTransfer’s terms of service caused consternation after some of its customers feared that it meant content from files uploaded to the popular file-sharing service would automatically be used to train AI models.

But the Netherlands-based company insisted on Tuesday that this is not the case, saying in a statement that it "does not sell user content to third parties,” and nor does it "use AI in connection with customer content.”

Read more