1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies - zendesk.md

  • Ascyron@lemmy.one
    link
    fedilink
    English
    arrow-up
    11
    ·
    3 months ago

    Noting that the only bounties were from some of the many 3rd party companies using Zendesk. Zendesk themselves did NOTHING.

    As a commentor there said: “The best way to incentivize malicious activity is not to reward philanthropic behaviour. The next exploit for ZenDesk will be sold directly to the darkweb after having read this.”