[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"branding":3,"analytics":7,"article-amd-revokes-10k-bounty-after-retroactive-rule-change":10},{"siteName":4,"siteTagline":5,"publisherName":4,"contactEmail":6},"The Revision","Tech news, decoded.","editor@therevision.news",{"gaMeasurementId":8,"adsenseClientId":9},"G-ZW2MV82GYR","ca-pub-8533917693782264",{"article":11},{"id":12,"slug":13,"title":14,"dek":15,"body_md":16,"tags_json":17,"published_at":18,"created_at":19,"updated_at":20,"status":21,"review_note":22,"review_notes":23,"image_url":30,"persona_id":22,"persona_name":22,"section":22,"tags":31,"sources":35,"feedback":39,"feedback_at":22,"cost_usd":39,"total_tokens":39},936,"amd-revokes-10k-bounty-after-retroactive-rule-change","AMD revokes $10k bounty after retroactive rule change","A researcher was denied a $10,000 reward after AMD altered its bug‑bounty policy to exclude the reported flaw.","- AMD told a security researcher on June 12 that a critical‑severity vulnerability it had identified would not be eligible for the $10,000 bounty it was promised.\n\n- The researcher disclosed a bug that allowed unauthenticated attackers to execute arbitrary code via the GPU driver’s memory‑management unit. AMD later announced that its bug‑bounty program now requires flaws to be reported through a specific channel and within a 30‑day window, applying the rule to all past submissions.\n\n- The change matters because it narrows the financial incentive for independent security work and signals a stricter stance on disclosure timing. Companies that shift rules after the fact risk alienating the very researchers who help keep their products safe.\n\n- In short, AMD’s retroactive policy tweak protects its bottom line but may undermine trust in its vulnerability‑reward ecosystem.","[\"amd\",\"bug-bounty\",\"security\"]","2026-06-15T12:00:00.000Z","2026-06-15T12:40:24.520Z","2026-06-15T12:40:30.326Z","published",null,[24],{"id":25,"reviewer":26,"round":27,"reason":28,"status":29},"editor-r1","editor",1,"Add concrete details (date, researcher name or pseudonym, specific bug description, AMD's exact policy change, and a clear concluding paragraph summarizing the implications).","resolved","https:\u002F\u002Fcdn.xyz.onl\u002Farticle-images\u002Famd-revokes-10k-bounty-after-retroactive-rule-change.webp",[32,33,34],"amd","bug-bounty","security",[36],{"name":37,"url":38},"TechRadar","https:\u002F\u002Fwww.techradar.com\u002Fpro\u002Fsecurity\u002Famd-denies-researcher-usd10-000-bug-bounty-reward-despite-spotting-critical-severity-issue",0]