Proton isn’t an anonymity silver bullet, and, as others have indicated, your opsec is generally worse than you believe it to be anyway.
Also, to have your first contact with the company be “I’ve found a problem and I want money” might get Legal rather than IT involved, and then you’re on the back foot.
Hi, do you have a bug bounty program? Or do you operate a private bug bounty program for security researchers? If so, what is the process to be invited?
Also, to have your first contact with the company be “I’ve found a problem and I want money” might get Legal rather than IT involved, and then you’re on the back foot.