Threatpost – Bug bounty programs are springing up in more and more places every day, and the latest site to join the list is GitHub. The site is offering bounties of up to $5,000 to researchers who find vulnerabilities in the main GitHub Web property or some other applications.
The program is similar to ones run by many other companies such as Facebook, Google, PayPal and others, rewarding people who report vulnerabilities directly to the company. GitHub said most bounties will fall in the $100-$5,000 range, but the reward may go higher if there are unique circumstances.
