Because I didn't find the vulnerability, I'm not looking for a bug bounty and I don't know what the vulnerability is, just seeing the effects of it. On Thu, 18 Jul 2019 at 13:06, Ross Tajvar <ross@tajvar.io> wrote:
Why is Hacker one wrong? Seems like this would be exactly what it's for.
On Thu, Jul 18, 2019, 3:04 PM J. Hellenthal via NANOG <nanog@nanog.org> wrote:
Or maybe a tweet to @twittersecurity
On Jul 18, 2019, at 13:59, J. Hellenthal <jhellenthal@dataix.net> wrote:
Yes/No ?
https://help.twitter.com/en/rules-and-policies/reporting-security-vulnerabil...
On Jul 18, 2019, at 13:45, Ken Gilmour <ken.gilmour@gmail.com> wrote:
Anyone on the list know how to contact the Twitter Security team?
Seems the new update allows an attacker to modify other people's
tweets. The "Hackerone" form for reporting a vulnerability is the wrong form and the "My account has been hacked" form is also the wrong form. The whole site has been compromised, I have evidence and can't contact anyone due to the lack of an appropriate form and the fact that the security@ email address doesn't work.
Thanks!