VirtualBox zero-day published by disgruntled researcher
Catalin Cimpanu reports on a zero-day published by researcher Sergey Zelenyuk and his decision to go public instead of going through the usual system of notification, waiting, etc.
Some of the issues he raises are ones that I have been hearing about recently from other researchers who are disenchanted, to say the least, with the HackerOne program.
Maybe Zelenyuk’s actions will start a conversation and dialogue that seems to be needed.
Read about both issues on ZDNet.