• trolololol@lemmy.world
    link
    fedilink
    arrow-up
    1
    ·
    7 months ago

    There’s also the ones known by very few people. There’s companies and unofficial groups of people who collect and sell this information. Usually to state governments, off records.

    I don’t think it’s the case for Linux, but I occasionally follow the state of things for bounties offered by Google and Apple to white hat hackers. Though this case is clearly malicious, I understand most vulnerabilities can easily pass as a bug/mistake.