illusionofchaos says chose to cover up an earlier-reported bug without giving them credit.
This researcher is by no means the first to publicly express their frustration with Apple over its security bounty program.
Nice bug—now shhh
illusionofchaos says that they’ve reported four iOS security vulnerabilities this year—the three zero-days they publicly disclosed yesterday plus an earlier bug that they say Apple fixed in iOS 14.7. It appears that their frustration largely comes from how Apple handled that first, now-fixed bug in
Read 15 remaining paragraphs | Comments