Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Isn't this why most researchers just sell their 0days to Zerodium or drop it publicly? I've heard of multiple companies doing this type of BS. There was a person called Polarbear/sandboxescaper who dropped a few Win10 LPE's on GitHub. They claimed that Zerodium also only pays out a small amount then resells the exploit.


Yes, that person did drop 0days publicly and then promptly faced an FBI investigation causing a tremendous level of stress and irreparable mental health damage.


She faced a FBI investigation over the threats she was making during her rants, not because she dropped 0days publicly. It is not very cool of you to falsely insinuate that these things are related.


It looks like that they no longer work for Microsoft anymore. Weren't they making some not so great comments before the FBI investigation though?


She said all kinds of things that would trigger investigations, everything from threatening the president to searching for foreign state hackers to attack the US with her.

Surprisingly MSFT still hired her after this


There aren't worth anything to Zerodium afaik


Maybe they would've been to ZDI.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: