Just weeks after Apple hiked the rewards under its Security Bounty program to a new zenith, the tech giant has now drastically slashed its monetary awards for finding macOS-related security vulnerabilities, and that too at a time when Mac-related malware attacks are becoming increasingly prevalent.
macOS security bounties are now down between 50 percent and a whopping 83 percent, depending on the targeted vulnerability.
Csaba Fitzl, a macOS security researcher at Iru, has now penned an interesting LinkedIn post, pointing to the sudden onslaught of penny-pinching ways within Apple's macOS-focused Security Bounty program.
As is evident from Fitzl's post, Apple has drastically curtailed monetary awards under several macOS-geared categories:
- The rewards for full Transparency, Consent, and Control (TCC) bypasses - vulnerabilities that allow malicious apps to access sensitive personal data without explicit user authorization - have now been slashed by 83 percent to just $5,000 vs. the previous award of $30,500.
- macOS sandbox escapes are down by 50 percent to $5,000 from the previous award level of around $10,000.
- A vulnerability that manages to obtain sensitive data protected by TCC, such as Photos, but does not use the TCC Target Flag, is now eligible for a $1,000 reward.
You can verify these figures by going to Apple's dedicated bounties-related webpage.
Of course, over the years, the bounty program has helped Apple substantially improve its security profile, which now includes:
- A dedicated Lockdown Mode - attack vectors are minimized by blocking attachments and link previews and by imposing web-based restrictions, among other steps.
- An upgraded security architecture of the Safari browser.
- Memory Integrity Enforcement - a security feature in chips such as the A19, which protects against memory corruption vulnerabilities.
Nonetheless, by arbitrarily curtailing the bounty for finding vulnerabilities in macOS, Apple has taken an apparently regressive step, one that would render the popular OS more vulnerable to security exploits. It seems Apple no longer loves Macs.
