October 19, 2018

Welcome to Oath Bug Bounty

Note: Verizon Media is now known as Yahoo.

Paranoids logo

Valued Researchers,

You'll notice a couple changes to the program this week. Here's what you need to know:

1. New look; same rewards. You'll notice some new aesthetics on our program splash page to better reflect our house of brands and all the properties in scope. When you want to submit bugs to us, find our page at hackerone.com/oath instead of hackerone.com/yahoo. Payout tables will stay the same, the policy and rules will stay the same, and your stats won’t go anywhere. The change is a facelift only and all of the reports and data will still be here.

2. Give Tumblr a warm welcome to the public program! We are proud to announce that Tumblr is now part of our Oath public bug bounty program with four new scope assets. For a full list of assets and domains, please review the growing assets section towards the bottom of the Program Policy page. Please note that each asset has some special vulnerability cases that we will exclude from scope so please make sure to read them closely.

Thanks as always for being a part of our program. Happy Hacking,

 The Paranoids