= Month of bugs =

A month of bugs is a strategy used by security researchers to draw attention to the lax security procedures of commercial software corporations.

Researchers have started such a project for software products where they believe corporations have shown themselves to be unresponsive and uncooperative to security alerts. For example, when a company does not fix the error after a Responsible disclosure, one may find and disclose one security vulnerability each day for one month.

==Examples==
The original "Month of Bugs" was the Month of Browser Bugs (MoBB) run by security researcher H. D. Moore.

Subsequent similar projects include:

- The Month of Kernel Bugs (MoKB) which published kernel bugs for Mac OS X (now macOS), Linux, FreeBSD, Solaris and Windows, as well as four wireless driver bugs.
- The Month of Apple Bugs (MoAB) conducted by researchers Kevin Finisterre and LMH which published bugs related to Mac OS X.
- The Month of PHP Bugs sponsored by the Hardened PHP team which published 44 PHP bugs.
- The Month of AI Bugs conducted by Johann Rehberger published bugs for agentic AI systems throughout the month of August 2025.

==See also==
- Fuzz testing
- Metasploit Project
- Vulnerability (computing)
