Overrun with AI Slop, cURL Scraps Bug Bounties to Ensure "Intact Mental Health"

Overrun with AI slop, cURL scraps bug bounties to ensure "intact mental health"

The project developer for one of the Internet’s most popular networking tools is scrapping its vulnerability reward program after being overrun by a spike in the submission of low-quality reports, much of it AI-generated slop. “We are just a small single open source project with a small number of active maintainers,” Daniel Stenberg, the founder and lead developer of the open source app cURL, said Thursday. “It is not in our power to change how …

Curl ending bug bounty program after flood of AI slop reports

The developer of the popular curl command-line utility and library announced that the project will end its HackerOne security bug bounty program at the end of this month, after being overwhelmed by low-quality AI-generated vulnerability reports.

Drowning in AI slop, cURL ends bug bounties

Enough is enough. Daniel Stenberg, lead developer and founder of cURL, the popular, open source internet file transfer protocol, is closing down cURL’s bug bounty program at the end of January. Why? Because cURL’s maintainers are being buried in AI slop. In an interview conducted over Mastodon, Stenberg told The New Stack, “It is our attempt to remove the incentives for submitting made-up lies. The submission quality has plummeted; not only are …

cURL suspends bug bounty program due to a series of poor-quality AI vulnerability reports

The development team of the open-source network tool ' cURL ' has been running a 'bug bounty program' since 2019, which pays rewards to researchers who discover security vulnerabilities. However, in recent years, the cURL security team has announced that it will discontinue the bug bounty program due to the large number of low-quality vulnerability reports generated by AI. curl.se/.well-known/security.txt https://curl.se/.well-known/security.txt…

cURL Gets Rid of Its Bug Bounty Program Over AI Slop Overrun

Daniel Stenberg says the inflow of AI slop has become unsustainable for the curl security team to handle.

A torrent of AI slop submissions forced an open source project to scrap its bug bounty program – maintainer claims they’re removing the “incentive for people to submit crap”

A bug bounty program run by Curl, a popular open source data transfer service, has been shut down amidst an onslaught of AI-generated ‘slop’ contributions.