|
|
|
|
|
|
by transcriptase
17 days ago
|
|
|
They’re supposed to. Instead they have a reputation for telling researchers that their disclosure isn’t actually a vulnerability and doesn’t qualify for a bounty or recognition, then quietly patching said non-vulnerability with a suspicious degree of urgency. |
|
|
Rejected, then quietly fixed a couple of months later.