PC World - The open-source Mozilla project has been offering cash bounties for security bugs for six years now, but often bug finders simply turn down the cash.

Source