Apple overhauled its security bounty program back in 2019 by making it open to anyone, increasing payouts, and more. However, the program has seen a good amount of criticism from the infosec community. Now another security researcher has shared their experience claiming that Apple didn’t give them credit for one zero-day flaw they reported which was fixed and that there are three more zero-day vulnerabilities in iOS 15.
Update 9/27: After sharing his experience publicly, Apple has responded to security researcher illusionofchaos, aka Denis Tokarev.
more…
