The link above is to a short article at The Inquirer.
It seems iDefense, a security firm, pays bounties to finders of major or "critical" flaws in lots of software, but the publicity is of course focused on Microsoft's offerings. You can net a neat $10k (USD) for one that gets a "critical" rating from Redmond. As a matter of fact; that figure was just raised in something of a price war for flaw finders.
I like the idea. So many times researchers who help keep us safe go unrewarded because they are not "professionals" and they deserve some reward. Ten grand seems a bit steep, but who am I to set the prices, right?
You can read more about it here, here, here, and here.