Few months back I've found a way siphon Cellebrite's customers personal details (emails and phones from three letter agencies) which took weeks to report, no bug bounty and bug not fixed yet.
For a company that supposedly hacks everything a security.txt would be nice.
For a company that supposedly hacks everything a security.txt would be nice.