Facebook said this week that that it has paid out more than $40,000 under its new "bug bounty" security initiative. Launched three weeks ago, Facebook's program invites security researchers -- both the professional kind and hacker hobbyists -- to send it the details of any Facebook vulnerabilities that they uncover. If the report checks out, Facebook will pay a finder's fee of at least $500. It's willing to go higher for extra-impressive bug spotting. "We've already paid a $5,000 bounty for one really good report," Facebook Chief Security Officer Joe Sullivan wrote in a blog post. "One person has already received more than $7,000 for six different issues flagged." Although the social networking has its own security team, Facebook launched its bug bounty program to tap into the collective wisdom of the site's 750 million users.