I'm familiar with HackerOne and bug bounty programs, but what about companies or products that aren't part of existing bug bounty programs like presumably Moltbook and OpenClaw were not? Researchers at Wiz claimed they hacked Moltbook in under 3 minutes and my question is what determines the legality of trying to do this? What happens if you're caught before you find a vulnerability or exploit? Is it just because they were researchers at a security firm and your average joe wouldn't be allowed to try this at home?
[link] [comments]
from hacking: security in practice https://ift.tt/WjHUGyP
Comments
Post a Comment