A security researcher, Angelo Gueta, based in the Philippines, has uncovered a software bug in Starlink, a satellite internet service by SpaceX, that was leaking sensitive information. Gueta's discovery led to a $6,000 bug bounty reward from SpaceX, which acknowledged the vulnerability and its potential for reputational damage. This incident highlights SpaceX's proactive approach to cybersecurity, as the company invites security researchers to hack Starlink and uncover security flaws. Gueta's previous contributions include discovering an authentication bypass flaw, earning him a $2,500 reward. SpaceX offers up to $50,000 for severe hacks involving remote code execution, and lower-level rewards for cross-site scripting and cross-site request forgery vulnerabilities, which can expose its 9 million global users to malicious attacks. Additionally, SpaceX is hiring more cybersecurity staff to enhance its security measures, especially during its role in providing wartime communications in Ukraine.
