Overrun with AI slop, cURL scraps bug bounties to ensure "intact mental health"

The developer of cURL, a popular networking tool, is ending its bug bounty program due to an influx of low-quality, AI-generated reports. Daniel Stenberg, the project's lead developer, cited the overwhelming volume of submissions as detrimental to the team's mental health and survival. Users expressed concern that this move may compromise the tool's security, but Stenberg emphasized the necessity of the decision. cURL, an essential tool for various tasks, has relied on bug reports for security maintenance, with cash bounties offered for high-severity vulnerabilities.