1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies - zendesk.md

  • @Ascyron
    link
    English
    111 month ago

    Noting that the only bounties were from some of the many 3rd party companies using Zendesk. Zendesk themselves did NOTHING.

    As a commentor there said: “The best way to incentivize malicious activity is not to reward philanthropic behaviour. The next exploit for ZenDesk will be sold directly to the darkweb after having read this.”