Bug Hunters are people that make their living by figuring out security holes in a company’s website. If a problem is found and reported, the Bug Hunter is potentially paid for their work.
Scammers are taking advantage of this agreement between Bug Hunters and corporations through Bug Bounty scams.
Should you receive an email demanding payment for “finding a vulnerability” or contracts to fix a “vulnerability,” be wary as this could be a scam.