AI Spurs Bug Bounty Surge, Challenges Crypto Security

By: crypto insight|2026/04/23 00:00:01

Key Takeaways:

AI has boosted bug bounty submissions to 85,000 valid cases in 2025, a 7% increase.
Rising reports, including bogus ones, are straining crypto security teams.
Cosmos Labs noted a 900% rise in submissions, requiring policy adjustments.
AI is both a problem and a potential solution for vulnerability management.
Smaller crypto teams face increasing challenges in managing these reports.

WEEX Crypto News, 2026-04-22 12:22:55

AI’s Double-Edged Sword in Bug Bounty Programs

The surge in AI-generated bug bounty reports has transformed the landscape of crypto security. With 85,000 valid submissions in 2025, reported by HackerOne, the sector has seen a 7% growth from 2024. But as these reports increase, so does the burden on teams to sift through erroneous submissions, often dismissed as “AI slop.” Managing this influx is crucial for distinguishing legitimate threats from noise.

Cosmos Labs’ co-CEO, Barry Plunkett, highlighted a seismic 900% rise in their submission volume, echoing frustrations across the industry. Teams are inundated with 20-50 reports daily, demanding robust evaluation methods. The escalating volume of both accurate and false reports has forced many teams, like those at Komodo Platform, to re-evaluate their strategies.

Adapting to the AI-Fueled Increase

Cosmos Labs is taking decisive steps to address these challenges. By refining their submission evaluation processes, they aim to prioritize credible researchers. They’re also cooperating with advanced bug bounty platforms to streamline triage. To navigate this AI-fueled era, blockchain developers need strategic adaptations in their approach to bug bounty management.

Daniel Stenberg, creator of the curl tool, abandoned his bug bounty program due to overwhelming AI-generated noise, indicating the broader industry’s challenges. This highlights the necessity for standardized scoring systems and trusted researcher networks to filter relevant data efficiently.

Leveraging AI for Problem Solving

Interestingly, AI, which contributes to this problem, might also offer solutions. It can aid in automating triage processes, filtering out irrelevant submissions effectively. However, the critical factor is integrating AI-driven tools to differentiate valuable insights from mere digital clutter. Such integrations are pivotal for small teams lacking the resources to scrutinize each vulnerability report manually.

Stadelmann of Komodo Platform underscores the importance of AI in bolstering decentralized system defensiveness. By employing AI to mitigate the influx and refine the triage process, teams can safeguard their platforms without being overwhelmed.

-- Price

The Future of Bug Bounty in Crypto Security

The future necessitates a symbiotic relationship between AI and bug bounty platforms. While AI contributes to the noise, it also promises enhanced triage capabilities, potentially revolutionizing security protocols. As the crypto industry leans towards decentralized frameworks, reliance on efficient, automated systems will be paramount.

Organizations must brace for exponential growth in vulnerability reports. Smaller teams may struggle significantly, emphasizing a need for AI-driven deterrents and a collaborative cyber defense network. The transition to intelligent automated systems could alleviate pressures, ensuring that engineers focus on credible threats rather than sifting through irrelevant data.

FAQs

How does AI contribute to bug bounty programs?

AI aids in efficiently analyzing vast amounts of code, identifying potential vulnerabilities, and thus streamlining initial reports. However, it can also lead to a significant increase in inaccurate submissions, straining resources.

What challenges do crypto security teams face due to AI?

Teams often face the challenge of distinguishing between legitimate threats and false positives due to the influx of AI-generated reports. This increases the time and resources needed for manual verification.

Why did Daniel Stenberg end his bug bounty program for curl?

Daniel Stenberg concluded his bug bounty program due to excessive “AI slop”—inaccurate and irrelevant vulnerability reports—making it unsustainable for extensive review and resource allocation.

Can AI be used positively in bug bounty processes?

Yes, AI can optimize the bug bounty process by automating triage and filtering out irrelevant submissions, allowing security teams to focus on genuine threats.

What measures are organizations taking to manage the influx of reports?

Organizations are refining submission scoring criteria, prioritizing trusted researchers, and adopting advanced triage systems in partnership with specialized bug bounty platforms to manage the surge in reports effectively.

The combination of AI and crypto is still in its early stages, with both serving as complementary "middleware": AI translates human intentions into executable programs, while cryptographic technology provides verifiable and tamper-proof guarantees for computational processes and results. In the dire...

Deconstructing Anthropic: The Best AI Company, Possibly Also a Type of Organizational Invention

Instead of competing with ambition, focusing on restraint, how does Anthropic leverage extreme strategic focus and an "counterintuitive" geek culture to counterattack OpenAI on the AI battlefield?

Every exchange is a "Universal Exchange."

You initially build infrastructure for something, then realize it can also be used for many other things, and then you continuously expand the business to accommodate everything that the infrastructure can support.

The counterattack of traditional finance: Alliance chains are quietly reviving

Whether public chains win or consortium chains win has never been the focus.

Pantera Capital Partner: How Tokenization is Restructuring the Private Equity and Early Investment Ecosystem?

Top tech companies are going public later and later, leaving retail investors shut out during the high growth period. Can tokenization give ordinary people back this entry ticket?

Mastercard Launches Agent Pay for AI, Plans to Record AI Agent Payment Authorizations on Polygon

Mastercard launched Agent Pay for AI, a new payment protocol designed to help AI agents make small payments such as pay-per-use access to data and APIs. The system plans to record human-granted AI agent permissions on Polygon, focusing on verifiable authorization, identity, and payment controls.

Curve Deploys Llamalend v2 on Optimism With 250,000 OP Incentives

Curve launched Llamalend v2 on Optimism with 250,000 OP incentives from the Optimism Foundation. The upgrade expands Llamalend beyond its earlier crvUSD-focused model, adding broader collateral support, LlamaRisk market reviews, and the ability to use Curve LP tokens as collateral.

Raydium Old Liquidity Pool Reportedly Exploited, With $1.34 Million Moved to Ethereum and Tornado Cash

An old Raydium liquidity pool was reportedly exploited for around $1.34 million in USDC, RAY, and wSOL, with the stolen funds bridged to Ethereum and deposited into Tornado Cash. The incident highlights the tail risks of legacy DeFi pools, old contracts, and cross-chain fund laundering paths.

Kalshi Executive Challenges “SBF Backed AI Unicorns” Narrative, Says Leopold Aschenbrenner Was Key Figure

Kalshi executive John Wang questioned the “SBF backed AI unicorns” narrative, saying Leopold Aschenbrenner was the key figure behind major AI investment decisions.

New York Proposes Stricter Stablecoin Issuer Rules Aligned With Federal GENIUS Act

NYDFS proposed stricter stablecoin issuer rules aligned with the GENIUS Act, covering reserves, custody, redemption timelines, audits, and capital buffers.

CryptoQuant Says Bitcoin Profitable Supply Is Near 45% Pressure Zone as On-Chain Data Points to Market Repricing

CryptoQuant said Bitcoin’s profitable supply is nearing the 45% pressure zone, signaling rising market stress, unrealized losses, and a possible on-chain repricing phase.

Bitcoin Falls Below 200-Week Moving Average as On-Chain Data Shows Over Half of Supply in Loss

Bitcoin dropped below its 200-week moving average as on-chain data showed over 50% of circulating supply is now in loss, signaling rising market stress.

CFTC Reportedly Plans New Prediction Market Rules Focused on Manipulation Risk and Public Interest Review

The CFTC is reportedly preparing new prediction market rules focused on manipulation risk, public interest review, and retail trader protections.

Meet the new WEEX trial fund—your gateway to greater profits

Discover WEEX's new trial fund and trade with less risk. Use them to offset transaction fees, funding fees, and trading losses. Kickoff your trading journey with WEEX!

WEEX Labs Lands at Dutch Blockchain Week: A Disruptive Crypto × AI Conversation Sets Sail in Amsterdam

WEEX Labs lands in Amsterdam for Dutch Blockchain Week with Agentic Day: The AI Infrastructure Economy — featuring a Cointelegraph exclusive interview with Waqar Zaka, a live AI trading competition (no code required, just natural language), and a keynote from WEEX COO Andrew Weiner. June 22. Register now: https://luma.com/lo977l6h

SK Hynix Reportedly Plans U.S. ADR Listing as Early as August, With SEC Approval Possible in Late June

SK Hynix may pursue a U.S. ADR listing as early as August, with SEC approval reportedly possible in late June amid strong AI chip supply chain demand.

Morning Report | OpenAI has submitted an S-1 registration statement draft to the U.S. SEC; Morpho completes $175 million financing

Overview of Important Market Events on June 9th

Galaxy Deep Research Report: How Hyperliquid's HIP-4 Upgrade Changes the Landscape of Prediction Markets?

The platform that wins this competition will be the one whose execution layer is the hardest to replicate, whose builder ecosystem delivers the fastest, and whose regulatory path is the most open.

Latest research from 13 top universities including Cornell University: The current state, challenges, and misconceptions of the fusion of Crypto and AI