My friend found a vuln in October.. He managed to exploit it and reported to the developers..
One month later (right now) , some security company just posted that they found this vulnerability 
>>
Their post shows a very similar POC, their timeline started *a week* after my friend reported the vulnerability and they claim they found it.. Ehh The developer has assigned the CVE to my friend and someone from this security company.. >>
-
-
I think that after the vulnerability was found, they hired this security company to help them to fix it.. I just hate the fact that they claimed they found it and they are trying to do PR with this.. >>
Prikaži ovu nit -
I thought about commenting in their own tweet about this, but I don't want to get in trouble with them (sounds stupid, but yeah
)
maybe they found the vulnerability at the exact same time as my friend? Idk
>>Prikaži ovu nit -
Anyway, that's why I'm not so interested in CVEs and PR and business, pretty shitty stuff. It's just fun learning and sharing knowledge with the community...


Business and politics is shit guys.
>>Prikaži ovu nit -
Lessons: - Don't steal other researchers work.. If you do, (we all learn some way or another from other people's work) just give credit - Don't get too excited about finding "CVE"s and "APT"s - sometimes it's just buzzwords used for PR, Get excited about cool technical stuff >>
Prikaži ovu nit -
- Share your knowledge with the community - not for PR, but for the purpose of making it better. Yes, I know that sometimes PR is necessary but Ehh.. Business is shit Goodnight
Prikaži ovu nit
Kraj razgovora
Novi razgovor -
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.