PANews reported on April 22nd, citing Cointelegraph, that the widespread use of AI has led to a surge in low-quality and even fake bug bounty reports for crypto protocols. The co-CEO of Cosmos Labs stated that submissions to its bug bounty program have increased by 900% year-over-year, reaching 20 to 50 reports per day, with a significant increase in both valid and invalid reports. The creators of the open-source tool curl have announced the termination of their bug bounty program due to the influx of "AI-generated spam bug reports." The CTO of Komodo Platform pointed out that AI has lowered the cost of generating reports, resulting in an influx of low-quality reports.
Meanwhile, a HackerOne report shows that 85,000 valid vulnerability submissions were received in 2025, a 7% year-over-year increase, indicating that the number of truly valuable vulnerability reports is still growing. Cosmos Labs has begun addressing the issue of low-quality reports by tightening scoring criteria, prioritizing collaboration with documented and trusted researchers, and recommending the use of defensive AI systems to automatically filter vulnerability reports.

