Google overhauls its Android and Chrome vulnerability rewards programs, offering bounties of up to $1.5 million for the most difficult exploits while scaling back payouts for flaws that artificial intelligence (AI) has made easier to find.

The top reward of $1.5 million is reserved for zero-click Pixel Titan M2 security chip full-chain exploits with persistence, the most technically demanding attack scenario in the program, while the same exploits, but without persistence, are also eligible for up to $750,000.

On the Google Chrome side, full-chain browser process exploits on up-to-date operating systems and hardware now come with rewards of up to $250,000, plus an additional $250,128 bonus for successfully exploiting MiraclePtr-protected memory allocations.