AI-generated fake bug reports flood security bounty programs, causing confusion and inefficiency

AI-generated low-quality content, often termed “AI slop,” has become a growing concern in the cybersecurity sector, particularly in bug bounty programs. This phenomenon involves large language models (LLMs) producing fabricated vulnerabilities, which are then presented as legitimate findings in professional reports. Security researchers and platforms are grappling with the challenge of distinguishing between genuine threats and these AI-generated fabrications, which can overwhelm systems and dilute the value of real security discoveries. The issue has sparked frustration among cybersecurity professionals. Vlad Ionescu, co-founder and CTO of RunSybil, an AI-driven bug-hunting startup, highlighted the problem: “People receive reports that sound reasonable and look technically correct, but when you investigate, you realize they’re hallucinations—technical details made up by the LLM.” Ionescu, who previously worked on Meta’s red team, explained that LLMs are designed to generate responses, even if they lack accuracy. “If you ask for a report, the model will provide one, and users may submit it to bug bounty platforms, creating noise that distracts from real issues,” he said. Real-world examples underscore the problem. In 2023, the open-source project Curl faced a fake vulnerability report, which researcher Harry Sintonen later criticized as “AI slop” in a Mastodon post. Similarly, a developer maintaining the CycloneDX project on GitHub removed its bug bounty program after receiving predominantly AI-generated submissions. Benjamin Piouffle of Open Collective, a nonprofit tech platform, noted that their inbox was “flooded with AI garbage,” while other projects reported similar challenges. Bug bounty platforms, which connect security researchers with companies offering rewards for finding flaws, are also seeing a surge in such submissions. Michiel Prins, co-founder of HackerOne, acknowledged that false positives—vulnerabilities that appear real but are fabricated—have increased. “These low-effort reports create noise, undermining the efficiency of security programs,” he said. HackerOne now treats hallucinated vulnerabilities or vague technical content as spam. Casey Ellis, founder of Bugcrowd, reported that while AI is widely used in submissions, the volume of low-quality reports hasn’t yet spiked significantly. However, he warned that the trend could escalate. Bugcrowd’s team reviews reports manually using established workflows, supplemented by AI tools to assist in filtering. TechCrunch contacted major tech firms, including Google, Meta, Microsoft, and Mozilla, to assess their experiences. Mozilla, which manages the Firefox browser, stated it has not observed a notable rise in AI-generated invalid reports, with a rejection rate of 5–6 per month (under 10% of total submissions). A spokesperson noted that AI-driven filtering risks rejecting legitimate reports, so the company relies on manual reviews. Google and Meta declined to comment, while Microsoft did not respond. Experts predict that combating AI slop will require advanced AI systems to pre-screen submissions. HackerOne recently launched Hai Triage, a hybrid human-AI triaging tool designed to identify duplicates, prioritize real threats, and reduce noise. However, the balance between automation and human oversight remains critical to avoid misclassifying genuine vulnerabilities. As hackers increasingly leverage LLMs to generate reports and companies adopt AI for analysis, the cybersecurity community faces an evolving arms race. The challenge lies in ensuring these tools enhance, rather than hinder, the detection of actual security flaws.