Turso announced the retirement of their bug bounty program because AI-generated vulnerability reports have overwhelmed their inbox with verbose, plausible-sounding but completely fabricated findings. The engineering time required to triage these hallucinated reports now exceeds the security value the program delivers, making it a net negative for the company.
The editorial argues that the core issue is economic asymmetry: an LLM can generate hundreds of plausible reports per day at near-zero cost, while each report requires a qualified senior engineer to triage. This breaks the fundamental contract of bug bounties, where the cost of paying for valid findings was previously far lower than the cost of missing real bugs.
The editorial contextualizes Turso's decision within a wider trend, citing Daniel Stenberg (curl maintainer) who has documented receiving AI reports citing non-existent CVEs, referencing fictional code paths, and constructing elaborate exploitation scenarios for bugs that never existed. When a technically sophisticated infrastructure company like Turso reaches this conclusion, it's a meaningful signal about the state of the ecosystem.
Turso, the company behind libSQL and the Turso edge database platform, announced it is retiring its bug bounty program. The reason isn't budget cuts, a pivot, or a change in security philosophy. It's AI.
The blog post, titled with unmistakable sarcasm — "The Wonders of AI" — lays out what many open source maintainers and smaller companies have been experiencing: their bug bounty inbox has been overrun by AI-generated vulnerability reports that are verbose, technically plausible on the surface, and completely fabricated. The signal-to-noise ratio has collapsed to the point where running the program costs more in engineering time than it returns in actual security value.
This isn't a knee-jerk reaction. Turso is a well-regarded infrastructure company with a technically sophisticated team. When they conclude that a security program is no longer worth operating, that's a data point worth paying attention to.
Bug bounty programs have been a cornerstone of software security for over a decade. The basic contract is simple: external researchers find real vulnerabilities, companies pay for them, and everyone's software gets safer. It works because the cost of paying for valid findings is far lower than the cost of not finding those bugs.
AI-generated reports break this contract. An LLM can generate hundreds of plausible-sounding vulnerability reports per day, each requiring a qualified engineer to triage, and nearly all of them turning out to be hallucinated nonsense. The submitter's cost is near zero. The defender's cost is measured in senior engineer-hours.
Turso isn't the first to hit this wall. Daniel Stenberg, the creator and maintainer of curl, has been publicly documenting the problem for over a year. He's described receiving AI-generated reports that cite non-existent CVEs, reference code paths that don't exist, and construct elaborate exploitation scenarios for bugs that were never real. Other open source projects have reported similar floods.
The pattern is consistent: the reports are long, use correct security terminology, follow the expected format of a legitimate submission, and fall apart only under careful technical review. That review takes 30 minutes to an hour per report. Multiply that by dozens of submissions per week, and you've consumed a significant chunk of an engineering team's capacity with zero security improvement to show for it.
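The checkable part of that review can be front-loaded. The claims a hallucinated report makes (file paths, function names, CVE identifiers) tend not to resolve against the real code base, so a script can test them before a human spends the 30 to 60 minutes. The following is an added example written for this article, not Turso's or curl's tooling: it extracts those claims from a submission, checks them against a checkout, and routes the report. The regexes, the verdict thresholds, the `known_cves` parameter (assumed to be the program's own published advisory IDs) and the sample checkout and sample reports are all constructed for the example.

```python
"""Pre-triage sanity check for bug bounty submissions (added example).

Extracts the concrete, checkable claims a report makes and verifies them
against a checkout.  The output is a routing decision for the triage queue,
not a verdict on the report.
"""
import re
import tempfile
from dataclasses import dataclass, field
from datetime import date
from pathlib import Path

SOURCE_SUFFIXES = {".c", ".h", ".rs", ".go", ".py", ".js", ".ts"}
FENCE = "`" * 3
FENCE_RE = re.compile(re.escape(FENCE) + r"[\s\S]*?" + re.escape(FENCE))
POC_RE = re.compile(r"(?:steps to reproduce|proof of concept|poc)\s*:", re.I)
CVE_RE = re.compile(r"\bCVE-(\d{4})-(\d{4,7})\b")
PATH_RE = re.compile(r"\b(?:[\w.-]+/)+[\w.-]+\.(?:c|h|rs|go|py|js|ts)\b")
FUNC_RE = re.compile(r"\b([A-Za-z_]\w*)\(\)")


@dataclass
class TriageResult:
    missing_paths: list[str] = field(default_factory=list)
    missing_functions: list[str] = field(default_factory=list)
    malformed_cves: list[str] = field(default_factory=list)
    unverified_cves: list[str] = field(default_factory=list)
    has_poc: bool = False

    @property
    def hard_failures(self) -> int:
        # Claims that are checkably false against the checkout.
        return len(self.missing_paths) + len(self.missing_functions) + len(self.malformed_cves)

    @property
    def verdict(self) -> str:
        # Thresholds are an assumption for the example; tune them per program.
        if self.hard_failures >= 2:
            return "likely fabricated"
        if self.hard_failures == 1 or not self.has_poc:
            return "needs human review"
        return "fast-track"


def load_corpus(root: Path) -> str:
    """Concatenate all source files so identifiers can be found with a word-boundary
    search. A real deployment would query ctags or a language server's symbol index."""
    parts = [p.read_text(errors="replace") for p in root.rglob("*")
             if p.is_file() and p.suffix in SOURCE_SUFFIXES]
    return "\n".join(parts)


def triage(report: str, root: Path, known_cves: frozenset[str] = frozenset()) -> TriageResult:
    result = TriageResult()
    # Only the prose is checked: a PoC block legitimately names things
    # (socket(), the submitter's own helpers) that are not in the repo.
    prose = FENCE_RE.sub(" ", report)
    # Presence of a reproduction section is recorded; whether it reproduces is
    # still the reviewer's (or a sandbox's) job.
    result.has_poc = bool(FENCE_RE.search(report) or POC_RE.search(prose))
    corpus = load_corpus(root)

    for path in dict.fromkeys(PATH_RE.findall(prose)):
        if not (root / path.removeprefix("./")).is_file():
            result.missing_paths.append(path)

    for name in dict.fromkeys(FUNC_RE.findall(prose)):
        if not re.search(r"\b" + re.escape(name) + r"\b", corpus):
            result.missing_functions.append(name)

    this_year = date.today().year
    for match in CVE_RE.finditer(prose):
        cve, year = match.group(0), int(match.group(1))
        if not 1999 <= year <= this_year:
            result.malformed_cves.append(cve)   # an ID that cannot exist
        elif cve not in known_cves:
            # May be a real ID from another project cited as precedent;
            # surface it for the reviewer rather than count it as fabricated.
            result.unverified_cves.append(cve)
    return result


def build_sample_repo() -> Path:
    """Constructed throwaway checkout so the example runs offline; not real project code."""
    root = Path(tempfile.mkdtemp(prefix="triage-demo-"))
    (root / "src").mkdir()
    (root / "src" / "parser.c").write_text(
        "#include <string.h>\n"
        "int parse_header(const char *buf, size_t len) {\n"
        "    char name[64];\n"
        "    memcpy(name, buf, len);  /* constructed bug: no bounds check */\n"
        "    return 0;\n"
        "}\n"
    )
    return root


# Constructed sample submissions, not real reports.
FABRICATED_REPORT = """\
Title: Heap overflow in frame decoder (cf. CVE-2099-12345)

decode_frame() in src/net/frame.c copies an attacker-controlled length into a
fixed 256-byte buffer without bounds checking, leading to remote code execution.
The vulnerable path is reached from handle_packet() in src/net/dispatch.c.
"""

REAL_REPORT = """\
Title: Stack buffer overflow in parse_header()

src/parser.c copies len bytes into a 64-byte stack buffer in parse_header()
without checking len against the buffer size.

Steps to reproduce:
  1. Call parse_header() with a 200-byte buffer and len = 200.
  2. Observe the crash under AddressSanitizer.
"""

if __name__ == "__main__":
    repo = build_sample_repo()
    for label, text in (("fabricated", FABRICATED_REPORT), ("real", REAL_REPORT)):
        r = triage(text, repo)
        print(f"{label}: {r.verdict} (hard failures={r.hard_failures}, poc={r.has_poc})")
```

Run against the constructed checkout, the fabricated report lands in "likely fabricated" (two non-existent paths, two non-existent functions, one impossible CVE year, no reproduction section) and the real one in "fast-track". The check only catches the sloppy tier: a model given the repository as context will cite real paths and real functions, so this trims the triage queue rather than proving anything about a report's origin, and every "likely fabricated" result should still get a human glance before it is closed.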
What makes this particularly insidious is the incentive structure. Programs pay per valid finding, and a triager who waves through one plausible-looking report has paid for a hallucination. Some participants have realized they can use LLMs to spray reports across hundreds of programs simultaneously, playing a numbers game: if even 1% of hallucinated reports slip through triage and get paid, the economics work in the submitter's favor. The tragedy of the commons is playing out in real time: a few bad actors exploiting AI tools are destroying a system that benefits everyone.
If you operate a bug bounty program, the calculus has changed. The per-report triage cost is no longer bounded by the number of competent human researchers who care about your software. It's now bounded by the number of people with access to an LLM and a list of bug bounty programs — which is effectively everyone.
There are a few responses emerging:
Raise the bar for submissions. Some programs now require a working proof-of-concept exploit, not just a description. This filters out most AI-generated reports: LLMs readily describe theoretical vulnerabilities but rarely produce exploit code that actually reproduces against the target, and a submitter spraying hundreds of programs will not stop to debug one. The downside: this also filters out early-career researchers who find real bugs but lack exploit development skills, and someone still has to run each PoC to confirm it.
Implement AI detection. Some bug bounty platforms are experimenting with classifiers to flag likely AI-generated submissions. The effectiveness is mixed — the same LLMs that generate the reports can be prompted to avoid the patterns detectors look for, creating an arms race with no clear winner.
Go invitation-only. Restrict your program to vetted researchers with a track record. This works for large companies with established programs (Google, Microsoft) but doesn't help smaller companies or open source projects that relied on open programs to get any security attention at all.
Do what Turso did: shut it down. Accept that the program's utility has been destroyed and redirect those engineering hours to internal security reviews, fuzzing, and automated analysis. This is honest, but it means losing the external perspective that made bug bounties valuable in the first place.
None of these options are great. The first two add friction and cost. The third limits coverage. The fourth surrenders a genuine security benefit. For smaller companies and open source projects, the practical reality is that public bug bounty programs may no longer be viable without platform-level solutions to the AI spam problem.
The bug bounty ecosystem is experiencing what email experienced two decades ago: a useful communication channel being degraded by automated spam until the cost of filtering exceeds the value of the channel. Email survived because platform-level spam filtering got good enough. Bug bounty programs need an equivalent — and the platforms (HackerOne, Bugcrowd, Intigriti) are the ones who need to build it.
Until they do, expect more Tursos. The AI-generated report flood is not a temporary nuisance; it's a structural shift in the economics of crowdsourced security. Companies that pretend otherwise are just burning engineering hours they'll never get back.