Speculative Execution: 'L1TF Reloaded' Garners Record Bounty

Researcher Mathé Hertogh Details How Exploit Can Grab Data From Any VM on Server Mathew J. Schwartz (euroinfosec) • November 11, 2025

Speculative execution vulnerabilities, involving CPUs that leak sensitive data through their memory cache, remain at risk from side-channel attacks.

See Also: Mastercard on Agentic Payments: How AI Agents, Tokenization, and Authentication Will Redefine Digital Commerce

Fresh proof of that fact comes in the form of Google Cloud in September announcing the biggest-ever cloud security bug bounty it's ever awarded - $151,515 - to a team of microarchitectural security researchers in the Netherlands who proved the existence of a type of speculative execution vulnerability.

Dubbed "L1TF Reloaded," the researchers' exploit can be used to steal data from a virtual machine hosted on any cloud server running on certain types of Intel CPUs, without an attacker having to know anything about the victim. "We're maliciously tricking the hypervisor into exactly ...