Y
Hacker News
new
|
ask
|
show
|
jobs
by
bakje
668 days ago
The article mentions a security.txt[1] which doesn't seem to contain an email address but it does contain a link[2] to a disclosure program, I'm guessing that's how they submitted all their findings?
[1]
https://www.points.com/.well-known/security.txt
[2]
https://bugcrowd.com/plusgrade-vdp-pro