Reaction:
"Disappointed to see public accusations without reaching out first, especially after launching a competitive product.
We work directly with maintainers via GitHub, not bounty platforms. Neither we nor the maintainers knew about your Huntr reports at the time, otherwise they would have been marked as duplicates.
We've publicly credited FuzzingLabs for the 2 CVEs where your findings came first, and we're always happy to credit whoever finds them before we do.
The claim about stolen CVEs doesn't hold up when many links you provided were already marked as "duplicate" or "invalid" on Huntr."
source: https://x.com/gecko_sec/status/1977805927320551672
This has become a flame war.