Apple Doubles Top Security Bounty to $2 Million to Combat Mercenary Spyware
Posted October 10, 2025 at 2:34pm by iClarified
Apple has announced a major evolution of its Security Bounty program, introducing the industry's highest rewards and new research categories to encourage a focus on the most sophisticated threats. The company is doubling its top payout to $2 million for exploit chains that mimic real-world mercenary spyware attacks.
The new structure is designed to adapt to Apple's evolving security landscape, which the company says has made developing working exploits more challenging and expensive. With bonuses for bypassing Lockdown Mode or discovering vulnerabilities in beta software, the maximum potential reward can exceed $5 million.
The program is also increasing payouts across several other categories. Researchers who demonstrate a complete Gatekeeper bypass with no user interaction are now eligible for a $100,000 award, while those who achieve broad unauthorized access to iCloud data can earn up to $1 million. Apple is also expanding its bounty categories, offering up to $300,000 for one-click WebKit sandbox escapes and up to $1 million for wireless proximity exploits over any radio, a category that now includes devices with the company's in-house C1X modem and N1 wireless chip.
A new feature called Target Flags is being introduced to allow researchers to objectively demonstrate their findings and qualify for accelerated awards. Inspired by capture-the-flag competitions, these flags are built into Apple's operating systems and, when captured, provide verifiable proof of an exploit's capability. This allows Apple to process rewards immediately after verification, even before a fix is released.
Apple says the changes are a response to its own security advances, such as Memory Integrity Enforcement on the new iPhone 17, which have raised the bar for security research. The company also announced a new $1,000 award for low-impact issues to encourage researchers who are new to its platforms.
As part of the initiative, Apple will provide one thousand iPhone 17 devices to civil society organizations to get its latest security protections into the hands of at-risk users. The 2026 Security Research Device Program will also include the iPhone 17, with applications opening through October 31, 2025.
The updated bounty program will officially go into effect in November 2025, when Apple plans to publish the complete list of new categories, rewards, and bonuses.