https://www.bleepingcomputer.com/news/security/bug-bounty-reporter-cashes-out-on-someone-elses-exploit/

Bug bounty programs have gained increased momentum and interest from the security research community for their role in promoting security awareness and responsible vulnerability disclosure. But they are not without their fair share of problems. 

Bug bounty platforms fill a genuine need. They help companies solicit vulnerability reports in their products from pen-testers and researchers in a responsible manner while creating a monetary incentive for the researchers who file these reports.