AI Found So Many Bugs That HackerOne Froze $1.5M in Bounty Payouts
The 14-year-old bug bounty program just hit pause — not because people stopped finding bugs, but because AI won’t stop finding them
$1.5 million in total payouts since 2012. 80% went to finding bugs. 20% went to fixing them. AI just made that math completely unsustainable.
HackerOne’s Internet Bug Bounty program — the one that crowdsources security research for open-source software used by basically everyone — froze all new submissions on March 27, 2026. The reason? AI-powered bug hunters are flooding the gates faster than volunteer maintainers can patch the holes. And this isn’t the only program that broke.

🧩 Dumb Mode Dictionary
| Term | What It Actually Means |
|---|---|
| Bug Bounty | Companies pay hackers to find security holes before bad guys do. Like hiring a locksmith to test your locks. |
| CVE | A unique public ID assigned to a specific disclosed security flaw. Think of it like a serial number for a bug. |
| Remediation | Actually fixing the bug after someone reports it. The boring part nobody funds. |
| Fuzzing | Automatically feeding malformed or random inputs to software to see if it crashes or misbehaves. Like shaking a vending machine to see what falls out. |
| Use After Free | A memory bug where software tries to use data it already deleted. Like reaching for a book on a shelf after someone already took it. |
| Open Source Maintainers | The (mostly unpaid) people who keep free software working. The janitors of the internet. |
| AI Slop | Low-quality, machine-generated bug reports that waste everyone’s time. The spam of the security world. |
📊 The Numbers That Broke The System
Here’s what the data actually shows:
- $1.5M+ paid out since 2012 through the Internet Bug Bounty program
- 80/20 split — 80% of money went to people who found bugs, only 20% to people who fixed them
- 5% — the share of bug reports that described real, security-relevant problems (down from ~15% before AI tools)
- 22 CVEs — vulnerabilities Claude Opus 4.6 found in Firefox in just 14 days
- 14 of those 22 were rated high-severity
- ~6,000 C++ files scanned by Claude in that Firefox audit
- $4,000 — what Anthropic spent in API credits trying to write working exploits (mostly failed)
- 87 confirmed vulnerabilities and $100K+ in rewards from curl’s bounty before it shut down
🔥 The Domino Effect — Who Else Hit Pause
This isn’t just HackerOne. The whole bug bounty world is buckling:
- January 2026: Curl ended its bug bounty after receiving 7 reports in 16 hours — none of them real vulnerabilities. Creator Daniel Stenberg called it quits after AI-generated reports swamped the queue.
- March 2026: Google paused AI-generated submissions to its Open Source Software Vulnerability Reward Program.
- Node.js froze its own bounty program — as a volunteer-run project, it literally doesn’t have the budget to process the flood without HackerOne’s funding.
- Django updated its security docs to flat-out reject AI-generated reports.
- libxml2’s maintainer ended support for private vulnerability reports entirely.
The pattern is clear. Discovery used to be the bottleneck. Now fixing is the bottleneck — and nobody’s paying for fixes.
🤖 The Claude Firefox Demo That Changed Everything
But here’s the thing nobody mentions: the quality gap between AI bug-finding and human bug-finding is closing fast.
Anthropic partnered with Mozilla and pointed Claude Opus 4.6 at Firefox’s codebase. Within 20 minutes — twenty minutes — it flagged its first Use After Free vulnerability in the JavaScript engine. Researchers validated it on a fresh Firefox install.
Over two weeks, Claude submitted 112 total reports. Mozilla issued 22 CVEs from those. The 14 high-severity bugs it found represent almost a fifth of ALL high-severity Firefox vulnerabilities patched in the entire previous year.
Firefox. One of the most tested, most audited open-source projects on the planet. And an AI found nearly a fifth of a year's worth of high-severity bugs in a fortnight.
Anthropic was honest about the limits though: Claude is much better at finding vulnerabilities than exploiting them. They burned $4,000 in API credits trying to write proof-of-concept exploits and only succeeded twice. But they also warned that “it is unlikely that the gap between frontier models’ vulnerability discovery and exploitation abilities will last very long.”
That’s the sentence that should keep you up at night. And the one that represents opportunity if you’re paying attention.
🗣️ What The Key Players Are Saying
“AI-assisted research is expanding vulnerability discovery across the ecosystem, increasing both coverage and speed. The balance between findings and remediation capacity in open source has substantively shifted.”
— HackerOne (official statement)
“Frontier language models are now world-class vulnerability researchers.”
— Anthropic (after the Firefox audit)
John Morello, CTO of Minimus, put it bluntly: valid submission rates collapsed from about 15% down to below 5% as AI-generated “slop” flooded programs across the industry.
Daniel Stenberg (curl creator) reported getting 20 submissions in January 2026 alone — in a project that historically got a handful per month. None identified a real vulnerability.
💡 Why This Is Actually Two Different Problems
Problem 1 is AI slop — people running AI tools against codebases and dumping every output into bug bounty forms without checking if they’re real. This is the curl problem. This is the 5% validity rate. This is spam with extra steps.
Problem 2 is actually good AI — like Claude finding 22 real Firefox CVEs that Mozilla's existing testing and review had missed. This is the HackerOne problem. Even when the bugs are real, volunteer maintainers can’t fix them fast enough.
The industry’s current response treats both problems the same way: shut the gates. But they need completely different solutions. Problem 1 needs better filters. Problem 2 needs funding for fixes — which is the boring, unsexy part of security that nobody wants to bankroll.
Right now the money flows like this: Company pays bounty → Hacker finds bug → Maintainer fixes bug for free → Everyone profits except the maintainer.
AI just exposed how broken that was all along.
Cool. AI broke the bounty system. Now What the Hell Do We Do? (ง •̀_•́)ง

🛠️ Hustle 1: Become the Human Filter Between AI Slop and Real Bugs
The bottleneck just shifted from finding to triaging. Every open-source project drowning in AI-generated reports needs someone who can tell garbage from gold in 10 minutes flat: does the referenced code actually exist, do the reproduction steps reproduce on a clean checkout, and is the claimed impact real? Set up a service on Upwork or reach out directly to maintainers on GitHub and offer to be their AI report filter. Charge per report or on a monthly retainer. You don’t need to find the bugs yourself. You need to read the AI’s homework and grade it.
Example: A security researcher in Poland started filtering AI-generated reports for three mid-sized open-source projects on GitHub. She charges $50/hour, works 15 hours a week, and makes $3K/month — the maintainers gladly pay because it saves them 30+ hours of triage time.
Timeline: 1-2 weeks to land first client if you have any security background. Post in OWASP Slack channels and open-source project Discord servers.
💰 Hustle 2: Run AI Bug Scans → Sell Clean Reports to Companies Pre-Audit
Here’s the gap: companies preparing for SOC 2 audits, ISO 27001 certification, or due diligence before an acquisition need vulnerability assessments. Static analysis tools like Semgrep and CodeQL, plus LLM-based scanners such as Claude Code Security, can now scan a codebase in hours, not weeks. The play: get written authorization and repository access, run the scans, filter out the noise yourself (that’s the value-add: deduplicate findings, drop hits in test and vendored code, confirm the ones that remain), write a clean report, and sell it as a pre-audit security assessment. You’re not hacking anything. You’re reading what the tools found and translating it into business English.
Example: A freelance pentester in Brazil used Semgrep + Claude to scan a fintech startup’s codebase before their Series A due diligence. Found 8 real issues, wrote a 12-page report, charged $4,500. The whole thing took him a weekend. The startup’s investors required the audit — they had no choice but to pay.
Timeline: 2-4 weeks to build a portfolio of sample reports. Target startups raising Series A/B through Crunchbase alerts — they always need security assessments before closing.
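The filtering step above is where the value is, so here is what it looks like in code. This is an added example, not code from the article or from Semgrep: it post-processes the real `semgrep --json` output shape (a top-level `results` list whose entries carry `check_id`, `path`, `start.line` and `extra.severity`/`extra.message`), but the findings embedded below are constructed, with made-up paths and rule ids, and the noise-path list is an assumption you would tune per repository.

```python
"""Post-process Semgrep JSON output into a triaged finding list.

Added example (not from the article or Semgrep). The result shape matches
`semgrep --json`; the sample findings are constructed for this demo.
"""
import json
from collections import Counter

SEVERITY_RANK = {"ERROR": 3, "WARNING": 2, "INFO": 1}
# Assumption: paths that rarely matter for a pre-audit report. Tune per repo.
NOISE_PREFIXES = ("tests/", "test/", "vendor/", "node_modules/", "examples/")


def _finding(check_id, path, line, severity, message):
    """Build one entry in the shape Semgrep emits (constructed sample data)."""
    return {"check_id": check_id, "path": path,
            "start": {"line": line}, "end": {"line": line},
            "extra": {"severity": severity, "message": message}}


# Constructed sample in the shape `semgrep --config auto --json` produces.
SAMPLE_SEMGREP_JSON = json.dumps({"results": [
    _finding("python.lang.security.audit.subprocess-shell-true", "app/tasks.py", 42, "ERROR", "subprocess call with shell=True"),
    # Same rule, same location, fired again by a second ruleset: a duplicate.
    _finding("python.lang.security.audit.subprocess-shell-true", "app/tasks.py", 42, "ERROR", "subprocess call with shell=True"),
    _finding("python.django.security.injection.sql.raw-query", "app/reports.py", 118, "ERROR", "string-formatted SQL passed to raw()"),
    _finding("python.lang.security.audit.hardcoded-password", "tests/fixtures/settings_test.py", 7, "WARNING", "hard-coded password"),
    _finding("python.lang.best-practice.unnecessary-pass", "app/models.py", 3, "INFO", "unnecessary pass"),
    _finding("python.lang.security.audit.insecure-hash-md5", "app/util/ids.py", 15, "WARNING", "MD5 used for identifiers"),
], "errors": []})


def load_findings(raw_json):
    """Flatten Semgrep results to the fields triage needs."""
    data = json.loads(raw_json)
    return [{"check_id": r["check_id"], "path": r["path"], "line": r["start"]["line"],
             "severity": r["extra"]["severity"], "message": r["extra"]["message"]}
            for r in data.get("results", [])]


def dedupe(findings):
    """Drop repeated (rule, file, line) hits from overlapping rulesets."""
    seen, out = set(), []
    for f in findings:
        key = (f["check_id"], f["path"], f["line"])
        if key not in seen:
            seen.add(key)
            out.append(f)
    return out


def is_noise(f):
    """INFO-level hits and hits inside test/vendored paths are not report material."""
    return f["severity"] == "INFO" or f["path"].startswith(NOISE_PREFIXES)


def triage(raw_json):
    """Return findings worth a human look, ordered by severity then location."""
    unique = dedupe(load_findings(raw_json))
    review = sorted((f for f in unique if not is_noise(f)),
                    key=lambda f: (-SEVERITY_RANK.get(f["severity"], 0), f["path"], f["line"]))
    suppressed = [f for f in unique if is_noise(f)]
    return {"review": review, "suppressed": suppressed,
            "by_severity": Counter(f["severity"] for f in review)}


def render(triaged):
    """Markdown summary in the shape of a short pre-audit report section."""
    lines = ["# Static analysis findings (triaged)", ""]
    for sev in ("ERROR", "WARNING"):
        group = [f for f in triaged["review"] if f["severity"] == sev]
        if not group:
            continue
        lines.append(f"## {sev} ({len(group)})")
        for f in group:
            lines.append(f"- {f['path']}:{f['line']} [{f['check_id']}] {f['message']}")
        lines.append("")
    lines.append(f"Suppressed as noise: {len(triaged['suppressed'])} "
                 f"(INFO level, or under {', '.join(NOISE_PREFIXES)})")
    return "\n".join(lines)


if __name__ == "__main__":
    print(render(triage(SAMPLE_SEMGREP_JSON)))
```

On the constructed sample this leaves three findings for review (two ERROR, one WARNING), suppresses the test-fixture and INFO hits, and collapses the duplicate. The suppressed list is kept rather than thrown away: a reviewer should still skim it, because a hard-coded credential in a test fixture is sometimes a real credential.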
🔧 Hustle 3: Fund and Fix — The Remediation Bounty Flip
The entire bounty system just proved that fixing bugs is worth more than finding them now. But almost nobody is paying for fixes. Get ahead of this: find high-severity CVEs that are already public but still unfixed in popular open-source libraries (the backlog is growing), write and test the actual patch, submit it to the project, and pitch the fix to companies that depend on that library. Stick to published advisories; a patch for an undisclosed bug belongs in a private report to the maintainers, not a public PR. Platforms like GitHub Sponsors and Open Collective let you get paid for maintenance work. The projects are desperate — they just lost their HackerOne funding.
Example: A developer in Kenya noticed three unfixed high-severity CVEs in a popular Node.js authentication library after the bounty freeze. He wrote and tested patches for all three, submitted PRs, and set up a GitHub Sponsors profile. Two companies that depended on the library sponsored him at $500/month each within a week.
Timeline: Immediate — the backlog of unfixed bugs is growing right now. Check OSV.dev for open vulnerabilities in popular packages.
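Finding the unfixed ones on OSV.dev is mechanical once you know the record format. The following is an added example, not code from the article or from OSV: it uses the real OSV schema (`affected[].package`, `affected[].ranges[].events[]` with `introduced`/`fixed`/`last_affected`, optional top-level `withdrawn`) and the real `https://api.osv.dev/v1/query` endpoint, but the advisory records embedded below are constructed, with made-up ids, a made-up package name and made-up versions, so it runs offline.

```python
"""List OSV advisories for a package that have no fix released.

Added example (not from the article or OSV). Schema and endpoint are OSV's;
the sample advisories are constructed with fictional ids and packages.
"""
import json
import urllib.request

OSV_QUERY_URL = "https://api.osv.dev/v1/query"

# Constructed advisories for a fictional npm package "example-archiver".
SAMPLE_VULNS = [
    {"id": "EXAMPLE-2026-0001", "summary": "Path traversal in archive extraction",
     "database_specific": {"severity": "HIGH"},
     "affected": [{"package": {"ecosystem": "npm", "name": "example-archiver"},
                   "ranges": [{"type": "SEMVER",
                               "events": [{"introduced": "0"}, {"fixed": "2.3.1"}]}]}]},
    {"id": "EXAMPLE-2026-0002", "summary": "Auth bypass when token is empty",
     "database_specific": {"severity": "HIGH"},
     # last_affected without a fixed event: the range has no released fix.
     "affected": [{"package": {"ecosystem": "npm", "name": "example-archiver"},
                   "ranges": [{"type": "SEMVER",
                               "events": [{"introduced": "1.0.0"}, {"last_affected": "2.3.1"}]}]}]},
    {"id": "EXAMPLE-2026-0003", "summary": "Withdrawn duplicate",
     "withdrawn": "2026-03-01T00:00:00Z",
     "affected": [{"package": {"ecosystem": "npm", "name": "example-archiver"},
                   "ranges": [{"type": "SEMVER", "events": [{"introduced": "0"}]}]}]},
    {"id": "EXAMPLE-2026-0004", "summary": "Fixed only in the sibling package",
     "database_specific": {"severity": "MODERATE"},
     "affected": [{"package": {"ecosystem": "npm", "name": "other-pkg"},
                   "ranges": [{"type": "SEMVER",
                               "events": [{"introduced": "0"}, {"fixed": "1.0.1"}]}]},
                  {"package": {"ecosystem": "npm", "name": "example-archiver"},
                   "ranges": [{"type": "SEMVER", "events": [{"introduced": "0"}]}]}]},
]


def affected_entries(vuln, ecosystem, name):
    """Only the affected[] blocks for this exact package; a fix elsewhere does not count."""
    return [a for a in vuln.get("affected", [])
            if a.get("package", {}).get("ecosystem") == ecosystem
            and a.get("package", {}).get("name") == name]


def has_fix(vuln, ecosystem, name):
    """True if any range for this package carries a 'fixed' event."""
    for a in affected_entries(vuln, ecosystem, name):
        for rng in a.get("ranges", []):
            if any("fixed" in ev for ev in rng.get("events", [])):
                return True
    return False


def severity_label(vuln):
    """GHSA-sourced records carry a label in database_specific; else unknown."""
    return vuln.get("database_specific", {}).get("severity", "UNKNOWN")


def unfixed(vulns, ecosystem, name):
    """Advisories that affect the package, are not withdrawn, and have no fix."""
    out = []
    for v in vulns:
        if v.get("withdrawn") or not affected_entries(v, ecosystem, name):
            continue
        if has_fix(v, ecosystem, name):
            continue
        out.append({"id": v["id"], "severity": severity_label(v),
                    "summary": v.get("summary", "")})
    return out


def query_osv(ecosystem, name):
    """Live query against the OSV API (network; not used by the offline sample)."""
    body = json.dumps({"package": {"ecosystem": ecosystem, "name": name}}).encode()
    req = urllib.request.Request(OSV_QUERY_URL, data=body,
                                 headers={"Content-Type": "application/json"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp).get("vulns", [])


if __name__ == "__main__":
    for v in unfixed(SAMPLE_VULNS, "npm", "example-archiver"):
        print(f"{v['id']} [{v['severity']}] {v['summary']}")
```

Two caveats before you pitch anything off this list. "No fixed event" sometimes means the advisory was never updated after a release shipped, so confirm against the project's changelog and tags first. And a fix recorded for a different package in the same advisory (the fourth sample record) does not help the package you are looking at, which is why the check is scoped to the exact ecosystem and name.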
📊 Hustle 4: Build an AI Bug Report Quality Score API
Right now there’s no standardized way to tell a high-quality AI-generated bug report from garbage. Projects are flying blind. Build a simple API or browser extension that scores incoming bug reports on: specificity of the reproduction steps, whether the reporter actually tested it, code references that actually exist, and whether the vulnerability type matches the codebase. Feed it examples of confirmed-valid vs. confirmed-garbage reports to train a classifier. Sell access to open-source projects and bug bounty platforms. HackerOne’s own triage team would probably be your first customer.
Example: Two CS students in Turkey built a Chrome extension that flags likely AI-slop bug reports on HackerOne and Bugcrowd using a fine-tuned classifier trained on 2,000 labeled reports. They’re in private beta with three bounty platforms and charging $200/month per seat for triagers.
Timeline: 4-6 weeks to MVP. Use Hugging Face for the classifier, deploy on Cloudflare Workers for near-zero hosting cost.
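Before training a classifier, it is worth seeing how far the four signals listed above get you with plain heuristics, because those same checks are the ten-minute triage routine from Hustle 1. The block below is an added example serving both hustles; it is not code from the article, HackerOne, or any project. It assumes a report arrives as plain text and that the triager supplies the repository's file list and primary language; both are constructed here, as are the two sample reports (one credible, one slop), and the weights are arbitrary starting points rather than anything calibrated.

```python
"""Heuristic quality score for an incoming vulnerability report.

Added example (not from the article or any bounty platform). The repo
inventory, language and both sample reports are constructed for this demo.
"""
import re
from dataclasses import dataclass, field

# Constructed stand-in for `git ls-files` on the target repository.
REPO_FILES = {"src/auth/session.py", "src/auth/token.py", "src/api/upload.py",
              "src/util/paths.py", "tests/test_session.py"}
REPO_LANGUAGE = "python"

# Bug classes that need a memory-unsafe language to be plausible at all.
MEMORY_CLASSES = ("use after free", "use-after-free", "buffer overflow", "heap overflow",
                  "stack overflow", "double free", "format string")
MEMORY_UNSAFE = {"c", "c++", "cpp"}
# Phrases typical of unverified, generated reports (assumed list; extend from your own data).
HEDGES = ("potentially", "may allow", "might allow", "could possibly",
          "it is recommended", "as an ai", "i hope this helps")

URL_RE = re.compile(r"https?://\S+")
PATH_RE = re.compile(r"\b((?:[\w.-]+/)+[\w.-]+\.[A-Za-z]\w*)(?::(\d+))?")
STEP_RE = re.compile(r"^\s*(?:\d+[.)]|step \d+)", re.IGNORECASE | re.MULTILINE)
EVIDENCE_RE = re.compile(
    r"(traceback \(most recent call last\)|stack trace|http/1\.[01] \d{3}"
    r"|\$ (?:curl|python3?|\./)|segmentation fault|addresssanitizer)", re.IGNORECASE)


@dataclass
class Verdict:
    score: int
    reasons: list = field(default_factory=list)


def score_report(text, repo_files=REPO_FILES, language=REPO_LANGUAGE):
    """Score 0..100 from: repro steps, execution evidence, real file refs, class/language fit, hedging."""
    reasons, score = [], 0
    low = text.lower()

    steps = len(STEP_RE.findall(text))                      # 1. numbered reproduction steps
    if steps >= 3:
        score += 30; reasons.append(f"{steps} numbered repro steps")
    elif steps:
        score += 10; reasons.append("repro steps present but thin")
    else:
        reasons.append("no reproduction steps")

    evidence = EVIDENCE_RE.findall(text)                     # 2. did they actually run it?
    if evidence:
        score += 20; reasons.append(f"execution evidence: {evidence[0]}")
    else:
        reasons.append("no output, trace or command shown")

    refs = {m.group(1) for m in PATH_RE.finditer(URL_RE.sub("", text))}  # 3. referenced files exist?
    if refs:
        missing = sorted(p for p in refs if p not in repo_files)
        score += round(30 * (1 - len(missing) / len(refs)))
        reasons.append(f"{len(missing)} referenced file(s) do not exist: {missing}" if missing
                       else "all referenced files exist")
    else:
        reasons.append("no file references")

    if any(c in low for c in MEMORY_CLASSES) and language not in MEMORY_UNSAFE:  # 4. class vs language
        score -= 30; reasons.append(f"memory-corruption class claimed against a {language} codebase")
    else:
        score += 10

    hedges = [h for h in HEDGES if h in low]                 # 5. hedging / boilerplate
    if hedges:
        score -= 5 * len(hedges); reasons.append(f"hedging language: {', '.join(hedges)}")
    else:
        score += 10

    return Verdict(max(0, min(100, score)), reasons)


def classify(verdict):
    """Bucket for the triage queue; thresholds are an assumption to tune."""
    if verdict.score >= 60:
        return "review"
    return "needs-more-info" if verdict.score >= 30 else "likely-slop"


# Constructed sample reports against the constructed repository above.
GOOD_REPORT = """Title: Session token not invalidated on password change (src/auth/session.py:88)

Steps to reproduce:
1. Log in as user A and note the session cookie.
2. Change user A's password via /settings.
3. Replay the old cookie against /api/me.

Result: HTTP/1.1 200 OK with the old session still accepted.
Root cause: rotate_session() in src/auth/session.py:88 only updates the
password hash; src/auth/token.py never revokes existing tokens.
"""

SLOP_REPORT = """Title: Critical Buffer Overflow in src/core/crypto.py

I found that the function decrypt() in src/core/crypto.py may allow a buffer
overflow. An attacker could potentially send a crafted payload to trigger
memory corruption. It is recommended to add bounds checking. I hope this helps!
"""

if __name__ == "__main__":
    for name, text in (("good", GOOD_REPORT), ("slop", SLOP_REPORT)):
        v = score_report(text)
        print(name, v.score, classify(v), v.reasons)
```

The point of returning reasons alongside the score is that the human filter from Hustle 1 still makes the call; the score just orders the queue and tells the triager which check to do first (a nonexistent file path is a thirty-second rejection, a plausible repro is a thirty-minute reproduction). Once you have a few hundred reports labelled this way, the same five signals become the features for the classifier the hustle describes.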
🔍 Hustle 5: Flip the Discovery → Exploitation Gap Into Consulting
Anthropic admitted Claude is great at finding bugs but poor at writing exploits: $4,000 in API credits produced only two working proof-of-concept exploits. That means the new premium skill isn’t finding vulnerabilities, which AI increasingly does well. The premium skill is proving they’re exploitable. Companies pay far more for a working proof-of-concept exploit than for a theoretical vulnerability report. If you have any offensive security skills, your hourly rate just went up. Position yourself as the “last mile”: the human who takes AI-discovered vulns and proves they’re real threats. Platforms like Synack and Cobalt pay top dollar for this exact skill.
Example: A pentester in Romania started offering “AI-to-exploit verification” as a standalone service. Companies send her AI-generated vulnerability reports, she spends 2-4 hours trying to write a working exploit, and charges $300/hour regardless of success. She’s booked 3 months out because the demand exploded after the HackerOne pause.
Timeline: Immediate if you have pentesting skills. Start by offering free verification on one high-profile open-source project to build credibility, then go paid.
🛠️ Follow-Up Actions
| Step | Action | Link |
|---|---|---|
| 1 | Read HackerOne’s official pause announcement | InfoWorld Coverage |
| 2 | Study Anthropic’s Firefox audit methodology | Anthropic Blog Post |
| 3 | Check unfixed CVEs piling up in popular libraries | OSV.dev Database |
| 4 | Learn AI-assisted vulnerability scanning with free tools | Semgrep Playground |
| 5 | Read Daniel Stenberg’s blog on why curl killed its bounty | daniel.haxx.se |
| 6 | Explore Claude Code Security for scanning your own projects | Anthropic Research Preview |
Quick Hits
- Browse OSV.dev for open CVEs in popular packages
- Run Semgrep or CodeQL on any public repo for free
- Set up GitHub Sponsors and start submitting PRs for unfixed CVEs
- Start with PortSwigger Web Security Academy — completely free
- Read HackerOne’s Hacktivity feed for real disclosed reports
AI didn’t kill the bug bounty. It just proved that finding the hole was never the hard part — filling it was.