PornHub Pays Hackers $20,000 to Find Zero-day Flaws in its Website by Wang Wei.
From the post:
Cyber attacks get bigger, smarter, more damaging.
PornHub launched its bug bounty program two months ago to encourage hackers and bug bounty hunters to find and responsibly report flaws in its services and get rewarded.
Now, it turns out that the world’s most popular pornography site has paid its first bounty payout. But how much?
US $20,000!
…
Not every day that a porn site pays users!
While PHP has fixed the issue, be mindful there are plenty of unpatched versions of PHP in the wild.
Details of this attack can be found at: How we broke PHP, hacked Pornhub and earned $20,000 and Fuzzing Unserialize.
Any estimate of how many non-patched PHP installations are on sites ending in .gov or .com?