Apple just rolled out the next big chapter for its Apple Security Bounty program. The update brings the highest rewards in the industry.
Apple raises the stakes with record-breaking bug bounty rewards
Starting this November, Apple is revamping its Security Bounty program to offer some of the largest rewards ever seen in the cybersecurity world. The program rewards security researchers who responsibly report vulnerabilities across Apple’s operating systems, devices, and services.
Apple has doubled its top reward from $1 million to $2 million for discovering exploit chains capable of achieving the same goals as advanced mercenary spyware attacks – the kind that require no user interaction.
But that’s not all. The maximum payout can now exceed $5 million for discovering even more critical vulnerabilities, such as bugs in beta software or bypasses in Lockdown Mode – Apple’s upgraded security feature designed to protect users from sophisticated attacks, especially in Safari.
The payouts for other types of discoveries are also seeing a major bump:
Exploit chains requiring one-click user interaction can now earn up to $1 million (previously $250,000).
Attacks requiring physical proximity to a device can now earn up to $1 million, also up from $250,000.
Attacks requiring physical access to a locked device can now get up to $500,000, double the previous limit.
Researchers who chain WebContent code execution with a sandbox escape can earn up to $300,000.
A preview of how Apple is increasing rewards for five key attack vectors. | Image credit – Apple
The only system-level iOS attacks we observe in the wild come from mercenary spyware — extremely sophisticated exploit chains, historically associated with state actors, that cost millions of dollars to develop and are used against a very small number of targeted individuals. While Lockdown Mode and Memory Integrity Enforcement make such attacks drastically more expensive and difficult to develop, we recognize that the most advanced adversaries will continue to evolve their techniques.
– Apple, October 10, 2025
Apple says this evolution of its bounty program is designed to encourage deeper, high-level research on its most critical attack surfaces, while also helping the company protect more than 2.35 billion active Apple devices worldwide.
The 2026 Security Research Device Program is also expanding to include iPhone 17 devices, which feature Apple’s newest security enhancements like Memory Integrity Enforcement. This program is open to qualified researchers with proven security experience on any platform, and applications are open until October 31, 2025.
Vulnerabilities discovered using these dedicated research devices will get priority review and bonus rewards under the bounty program.
Apple opens the door for advanced iOS research
Apple has always marketed the iPhone as one of the most secure smartphones out there – and updates like this only reinforce that image. By offering record-breaking rewards, Apple is not just fixing bugs faster; it’s motivating top security experts and developers around the world to help make its ecosystem even more secure.
This collaboration between Apple and the research community is a win for everyone: researchers get rewarded for their expertise, and users get better protection.
More rewards, more research, more protection for users
By dramatically increasing payouts, Apple is pushing the boundaries of how seriously tech companies take cybersecurity. The Apple Security Bounty isn’t just about catching small bugs – it’s about encouraging researchers to dig into the most critical and complex vulnerabilities across its platforms.
It’s a strong message: Apple wants the world’s best minds testing its systems – and it’s willing to pay generously for it.
Tsveta, a passionate technology enthusiast and accomplished playwright, combines her love for mobile technologies and writing to explore and reveal the transformative power of tech. From being an early follower of PhoneArena to relying exclusively on her smartphone for photography, she embraces the immense capabilities of compact devices in our daily lives. With a Journalism degree and an explorative spirit, Tsveta not only provides expert insights into the world of gadgets and smartphones but also shares a unique perspective shaped by her diverse interests in travel, culture, and visual storytelling.