Ethical Hacking Insights with Rafay Baloch: How a $10,000 Bug Bayout Shaped Security

An ethical hacker, security researcher and a writer Rafay Baloch was paid total USD 10,000 for reporting a Code Execution / Command Execution vulnerability on the sub-domain of Paypal. <br /> <br />Paypal had started a *Bug Bounty program* for security experts around the world to report any bug or vulnerability if found on their server. <br /> <br />The hacker writes on his official blog that while testing Paypal’s server, he found a critical command execution vulnerability allowing hackers to execute any command on the server. <br /> <br />Rafay was initially paid USD 600 for reporting XSS Vulnerability on the main site of Paypal, later after reporting several other bugs, the company paid more USD 6000 for his expert services which obviously saved Paypal from a disaster and embarrassment.