Starting the 1st of this month, the Mozilla Foundation will reward users who discover and report security vulnerabilities in its software with $3,000 for each vulnerability. Until now the reward, distributed under the Mozilla Security Bug Bounty Program which launched in 2004, has been limited to just $500. Bug finders can now also look forward to receiving a free T-shirt as part of the scheme. Eligible security vulnerabilities must be remotely exploitable (over the web or a local network) and not previously have been publicly documented.
The campaign is limited to the latest version of Firefox, Thunderbird, Firefox Mobile and any other Mozilla service which could allow a hostile takeover of any of these applications. Bugs in third party software such as browser add-ons (also known as extensions) and plug-ins are not eligible.
More info from h-online.com and theregister.co.uk