We are evolving! Huntr is transitioning from a traditional open-source software (OSS) bug bounty platform into a premier challenge-based competition platform. Moving forward, Huntr will focus exclusively on finding unique, creative ways to exploit and test the boundaries of AI systems through structured, competitive challenges.
I heard you were acquired again. What’s the story?
Yes! In July 2025, Huntr was acquired by Palo Alto Networks. Our mission aligns perfectly with their vision for the future of AI security, and we are joining forces to help strengthen the defensive mechanisms built directly into their Prisma AIRS offering.
Why pivot to a challenge-based platform?
Standard bug bounty models can be rigid and administratively heavy for everyone involved. A major reason for this pivot is to relieve OSS maintainers of the heavy burden of triaging vulnerability reports. By moving to an interactive competition-based format on environments we control, we take on the full responsibility of determining what is a valid exploit and rewarding you significantly faster.
Are there updates to the Terms of Service?
Yes. As part of our transition and acquisition, our terms are updating. To participate in the new challenges, you will need to agree to the Palo Alto Networks Terms of Use and Privacy Policy, alongside the specific Huntr Participation Terms.
Changes To Existing Programs
What is happening to the existing OSS vulnerability program?
To fully dedicate our resources to the new challenge format, we will be sunsetting the traditional OSS vulnerability program. On June 30th, 2026: We will officially stop accepting new submissions for the OSS vulnerability program. On July 31st, 2026: All OSS submissions will be locked.
What happens to vulnerabilities that are currently in the queue?
We will do our best to facilitate the triaging of as many existing submissions as possible before the July 31st deadline. After this, the program will be completely frozen. Any submissions that have not been fully processed by this date will not be processed further, will be kept strictly private, and no further bounties will be issued.
What is happening to the Model File Format Vulnerability program?
The Model File Format Vulnerability program is sticking around! While we do have plans to eventually transition it into a challenge-based format in the future, it remains open for standard submissions at this time. We will give the community ample notice before any changes to this program take effect, and we are fully committed to processing all pending reports submitted against it before completing that transition.
For Hackers & Researchers
How is participating in a challenge different from a traditional bug bounty?
It is dramatically simpler! Say goodbye to writing long, tedious vulnerability reports with exhaustive reproduction steps. Now, you engage directly with the challenge environment. You interact with the target and simultaneously uncover new ways to exploit these AI systems. Your successful exploits speak for themselves, proving your impact without the administrative overhead.
How do challenges and payouts work?
It's all about competition. Each challenge features a unique AI agent and specific objectives you must complete. When you successfully achieve an objective, your attempt is evaluated and ranked on independent leaderboards. Your final placement on these leaderboards when the challenge closes determines your cash prize.
I’m a Security Researcher. What does this mean for my day-to-day?
Get ready for a whole new way to hack. Instead of hunting for traditional bugs in OSS projects, you'll be competing in targeted, high-stakes challenges designed to test the limits of AI models and infrastructure. You can expect exciting new target environments, real-time feedback on your exploits, competitive leaderboards, and fresh ways to showcase your specialized AI skills.
Will my current points and reputation carry over?
Yes! Your legacy on Huntr matters. We are currently restructuring our leaderboard to fit the new competition model, but your historical points and reputation will be preserved and highlighted on your future Huntr 2.0 profile.
What happens to my past OSS vulnerability reports and data?
You will retain access to your historical vulnerability data and reports on the platform until August 30th, 2026. However, we cannot guarantee access to this data after the end of October. We highly recommend exporting and archiving any reports or information you wish to keep before then.
For OSS Maintainers
I’m an OSS Maintainer who uses Huntr for vulnerability disclosure. What does this mean to me?
As we pivot to a challenge-based model focused on AI exploit competitions, we will stop accepting new vulnerability disclosures for OSS projects on June 30th, 2026. We highly encourage migrating your vulnerability disclosure program to alternative platforms, such as GitHub Security Advisories, before this date.
What happens to my project's data and current reports?
Any reports that remain unprocessed when the platform locks on July 31st will be kept entirely private to protect your project. You will still have access to your historical vulnerability data through the platform until August 30th, 2026. We cannot guarantee access to this data after the end of October, so we strongly recommend exporting and archiving any information you wish to retain before that date to ensure a smooth transition for your project's security operations.
Community & Support
Where can I get help for getting started and where can I get the latest updates?
If you want help getting started with the community, discussing challenges, or connecting with fellow researchers, join our Discord. For all the latest news, new challenge announcements, and leaderboard spotlights, be sure to follow us on X.
Who can I contact if I have questions or need support during this transition?
We’re here to help you through this transition and to ensure you have a smooth experience on the new platform. Feel free to reach out to our team directly at support@huntr.com, or drop a message in our Discord if you need assistance.
