Trailrunner7 writes "PayPal is the latest company to join the ranks of software vendors and Web properties that offer bounties to security researchers who privately disclose new bugs to them. The company isn't saying how much it will pay for each bug, just that its security team will determine the severity of each flaw as well as the ultimate payout. PayPal's decision to offer financial incentives to researchers follows the establishment of similar programs by companies including Google, Mozilla, Facebook, Barracuda and others. Google's bug bounty program may be the most well-known and comprehensive, as it includes bugs not just in its software products such as Chrome, but also its Web properties. The company has paid out more than $400,000 in rewards to researchers since the program began and researchers who consistently find bugs in Google's products can make a nice side income off the program."