Google has published (https://security.googleblog.com/2023/02/vulnerability-reward-program-2022-year.html) statistics for its BB program for the past year. In total, the company paid out more than $12 million, almost 50% more than a year earlier. The year was also a record one in terms of a one-time payment: a solid $605,000 went for a chain of five Android vulnerabilities. Moreover, the same researcher received $ 157 thousand a year earlier — also for a chain for Android and also a record of payments for that year for bugs in this system. Comrade gzobqq keeps his mark.
For the top three researchers in the top Android program, the year also turned out to be productive: for three, almost 500 bugs were accumulated, and Aman Pandey from India with his company Bugsmirror in the first place — reported more than two hundred. This is such a fruitful union in the Hindu development lobby: while one part of it sculpts a hundred bugs after another in Google, the other one fixes them. To fix bugs in Hindu code, you need to think like a Hindu!