|
|
|
|
|
|
by tgsovlerkhgsel
1108 days ago
|
|
|
Another option can be your country's CERT. In reasonably developed countries they generally have competent enough people to understand the concept of responsible disclosure (i.e. won't try to harass you for doing a good thing), and if they realize "oh shit, this is a critical infrastructure risk" they're probably in the best position to address not just the specific case, but also drive improvements (including via regulation) across vendors. |
|
|