Report: AI drives a surge in bug bounty reports, but "spam reports" are also on the rise.

CoinFeed reported on April 22nd, citing Cointelegraph, that the widespread application of AI has led to a surge in low-quality and even fake bug bounty reports for crypto protocols. The co-CEO of Cosmos Labs stated that their bug bounty program submissions have increased by 900% year-over-year, reaching 20 to 50 reports per day, with a significant increase in both valid and invalid reports. The creators of the open-source tool curl have announced the termination of their bug bounty program due to a flood of "AI-generated spam bug reports." The CTO of Komodo Platform pointed out that AI has lowered the cost of generating reports, leading to an influx of low-quality reports. Meanwhile, a HackerOne report shows that valid bug submissions reached 85,000 in 2025, a 7% year-over-year increase, indicating that truly valuable bug reports are still growing.