AI slop and fake reports are exhausting some security bug bounties

So-called AI slop, the low-quality images, videos, and text generated by large language models, has flooded the internet in recent years. This content has polluted websites, social media platforms, newspapers, and even real-world events. The cybersecurity industry is no exception: it faces a growing problem with AI-generated bug bounty reports that claim to identify vulnerabilities but are entirely fabricated.

Security professionals have raised concerns about these reports, which appear technically sound but are based on hallucinations from large language models. Vlad Ionescu, co-founder and CTO of RunSybil, explained that these reports often look legitimate at first glance. However, upon closer inspection, the technical details turn out to be entirely made up. Ionescu, who previously worked on Meta’s red team, noted that LLMs are designed to be helpful, often producing reports even when no real vulnerability exists. This leads to an overwhelming number of false submissions that frustrate both platforms and customers.

Real-world examples highlight the issue. Security researcher Harry Sintonen revealed that the open-source project Curl received a fake report, which was quickly identified as AI-generated. Similarly, Open Collective’s Benjamin Piouffle reported their inbox being flooded with AI-generated garbage. Another developer maintaining the CycloneDX project on GitHub removed their bug bounty program entirely after receiving mostly AI slop reports.

Leading bug bounty platforms like HackerOne and Bugcrowd have also seen an increase in AI-generated submissions. Michiel Prins of HackerOne noted a rise in false positives—reports that appear real but lack real-world impact—which create noise and reduce the efficiency of security programs. Bugcrowd’s Casey Ellis acknowledged that while AI is widely used in submissions, it hasn’t yet caused a significant spike in low-quality reports, though this may change in the future.

Companies running their own bug bounty programs report mixed experiences. Mozilla, for instance, has not seen a substantial increase in invalid reports and maintains a steady rejection rate. Microsoft and Meta declined to comment, and Google did not respond to inquiries.

Ionescu predicts that the solution to AI slop will involve further investment in AI-powered systems to filter and review submissions. HackerOne has already taken steps in this direction with the launch of Hai Triage, a system combining AI and human analysts to prioritize real threats. As both hackers and companies increasingly rely on AI, the question remains: which AI will ultimately prevail in this ongoing battle?