This Monday, Google formally introduced a bounty initiative targeting vulnerabilities in its AI products, explicitly outlining the types of vulnerabilities that qualify for rewards. Among these are scenarios where an attacker can induce abnormal behavior in Google Home (e.g., automatically unlocking doors) via indirect injection of AI prompts, or where AI can be manipulated to summarize and forward the contents of a victim's emails to an attacker's account through data-hijacking prompts. The program is designed to bolster the security of generative AI systems, encompassing emerging attack vectors such as prompt injection, sensitive data leakage, and model tampering.

Historically, Google has distributed over $30 million in rewards through its Vulnerability Reward Program (VRP). In 2024, the company expanded the scope of VRP by introducing a dedicated category for AI vulnerabilities, which has since garnered more than 150 reports. This enhanced program places an even greater emphasis on AI security, encouraging active participation from the cybersecurity community through financial incentives to fortify defenses against potential threats.