swiyu bug bounty programme now open to the public
The swiyu bug bounty programme has been running since July 2025. The programme forms part of the federal bug bounty programme, which is overseen by the Federal Office for Cyber Security (BACS) and run in collaboration with Bug Bounty Switzerland AG. Such a programme encourages ethical hackers to uncover vulnerabilities. If vulnerabilities are found, the ethical hackers receive a corresponding reward.
Until now, this programme has been run in private mode. This meant that only selected hackers could participate by invitation. A total of 12 vulnerabilities have been found to date and rewarded accordingly (1 with high, 6 with medium and 5 with low criticality).
From now on, the programme will be run in public mode. This means that all hackers can take part in the programme and be rewarded for vulnerabilities they find. The results of the swiyu bug bounty programme are published on GitHub every quarter.