As a non-participating visitor of security forums (which bleed into malicious hackers), I am looking forward to the popcorn.
Right now, my job post bug bounties and hackers pen test and find vulnerabilities. And there’s a LOT of money flowing around in that space - my company alone has paid out over 7-figures collectively. A company’s reputation to honoring the agreement is also sacred. Because if we fail to pay or reject that this is a real vulnerability, our rep tanks and the next time there’s a vulnerability, it won’t be reported, but abused.
CUSG just signalled that they are pieces of shit to the hacker community. And I’m gonna bet they are going to get some serious shit now.
🍿