An Apple employee knew about a bug in the Chrome browser but did not report it to Google’s developers, reports have claimed.
A
comment on the Chromium bug report site instead credits another individual for notifying Google, noting, “This issue was reported by sisu from CTF team HXP and discovered by a member of Apple Security Engineering and Architecture (SEAR) during HXP CTF 2022, which will be acknowledged in the security fix notes for the appropriate Stable channel release at the time they are updated.”
At the time, the bug was a zero-day, however a
TechCrunch report says that Google’s $10,000 bug bounty was awarded to the individual who reported the bug, not the Apple employee who discovered the bug.