The company also announced that its Abuse VRP program paid out 40% more year-over-year in 2024, based on more than 250 valid bugs targeting Google products for abuse and misuse issues, to a total of over $290,000 in rewards.
Rewards for critical vulnerabilities reported in Android and Google mobile apps topped $3.3 million, with 2% more critical and high vulnerabilities reported year over year.
Cloud VRP, launched in October for reporting vulnerabilities in Google Cloud services, tallied $500,000 in rewards based on more than 200 unique security vulnerabilities.
