Apple security researcher failed to disclose a 0-day Chrome exploit to Google; misses out on $10,000 reward

Ink

An Apple employee knew about a bug in the Chrome browser but did not report it to Google’s developers, reports have claimed.

A comment on the Chromium bug report site instead credits another individual for notifying Google, noting, “This issue was reported by sisu from CTF team HXP and discovered by a member of Apple Security Engineering and Architecture (SEAR) during HXP CTF 2022, which will be acknowledged in the security fix notes for the appropriate Stable channel release at the time they are updated.”

At the time, the bug was a zero-day; however, a TechCrunch report says that Google’s $10,000 bug bounty was awarded to the individual who reported the bug, not the Apple employee who discovered the bug.
