Because I didn't find the vulnerability, I'm not looking for a bug bounty and I don't know what the vulnerability is, just seeing the effects of it. 

On Thu, 18 Jul 2019 at 13:06, Ross Tajvar <ross@tajvar.io> wrote:
Why is Hacker one wrong? Seems like this would be exactly what it's for.

On Thu, Jul 18, 2019, 3:04 PM J. Hellenthal via NANOG <nanog@nanog.org> wrote:
Or maybe a tweet to @twittersecurity

> On Jul 18, 2019, at 13:59, J. Hellenthal <jhellenthal@dataix.net> wrote:
>
>
> Yes/No ?
>
> https://help.twitter.com/en/rules-and-policies/reporting-security-vulnerabilities
>
>> On Jul 18, 2019, at 13:45, Ken Gilmour <ken.gilmour@gmail.com> wrote:
>>
>> Anyone on the list know how to contact the Twitter Security team?
>>
>> Seems the new update allows an attacker to modify other people's tweets. The "Hackerone" form for reporting a vulnerability is the wrong form and the "My account has been hacked" form is also the wrong form. The whole site has been compromised, I have evidence and can't contact anyone due to the lack of an appropriate form and the fact that the security@ email address doesn't work.
>>
>> Thanks!
>