Apple has paid a US$100,000 bounty to Bhavuk Jain for a security vulnerability he found within the "Sign in with Apple" ability found on some websites and third-party applications. The bug could allow hackers to take full control of a user's account.
https://www.notebookcheck.net/Apple-pays-US-100-000-bounty-to-developer-for-finding-critical-login-vulnerability.467528.0.html