Finding vulnerabilities is essential to digital security. The recently identified vulnerability in OpenPGP.js was proactively discovered through the #SovereignTechResilience bug bounty program, hosted on @yeswehack
Thanks to the responsible disclosure by security analysts Edoardo Geraci and Thomas Rinsma from @Codean, the issue was patched quickly in versions 5.11.3 and 6.1.1
(1/2)
Security is not a state, but a process. We’re proud that the coordination between the security analysts and the maintainers of the project led to a swift patch and strengthened our common digital infrastructure.
The #SovereignTechResilience program secures critical digital infrastructure to strengthen the resilience of open digital systems.
If your project plays a vital role in digital sovereignty, privacy, or public infrastructure, we encourage you to apply:
https://www.sovereign.tech/programs/bug-resilience
(2/2)
Sovereign Tech Agency