#Tag
#curl security moves again. Back to #hackerone
https://daniel.haxx.se/blog/2026/02/25/curl-security-moves-again/
#curl security moves again. Back to #hackerone
https://daniel.haxx.se/blog/2026/02/25/curl-security-moves-again/
I understand #curl project decision to stop the #bugbounty and leave #hackerone. The torrent of #AIslop has become unbearable.
https://github.com/curl/curl/pull/20312
I will continue to report vulnerabilities to the project whether it has a bug bounty or not.
We are at *twenty* hackerone submissions so for #curl far this year. Zero of them a confirmed vulnerability.
@bagder Shld I submit a #hackerone submission for #curl, identifying hackerone as a DoS attack vector for the project, recommending depreciation?
I understand #curl project decision to stop the #bugbounty and leave #hackerone. The torrent of #AIslop has become unbearable.
https://github.com/curl/curl/pull/20312
I will continue to report vulnerabilities to the project whether it has a bug bounty or not.
I'm submitting lovingly hand-crafted 100% organic reports to #curl #hackerone
I'm submitting lovingly hand-crafted 100% organic reports to #curl #hackerone
1. User complains to #hackerone that I named his *previous* name when he renamed himself to a silly name after I banned them in a #curl report filed back in October.
2. Hackerone asks me to respond on their support forum, on which I have no account. Grrr. I refuse to.
3. Replying to the hackerone email about this instead, I get a bounce saying they don't accept emails on support@hackerone ...
Kill me now.
