An Apple employee was allegedly aware of a bug in his Chrome browser but did not report it to Google’s developers.
The bug in question was a zero-day vulnerability, but according to a TechCrunch report, the vulnerability was not reported to Google by the person who found it. Google’s $10,000 bug-finding award was given to the person who reported the bug, not the Apple employee who discovered the bug.
Usually, tech companies collaborate in the cybersecurity field, even though they are against each other on everything. Gallileo, a person who claimed to be the Apple employee in question on a TechCrunch-reviewed Discord channel, said: “June 5th, the bug was reported through my company. Yes, it’s late, there are multiple reasons for that. I needed to find the person responsible first and get the report to be signed by people. It’s admirable that Chrome decided to fix it right away, but I don’t think there was any real urgency.”
On the other hand, the person responsible for notifying the Chromium developers; He said he wasn’t interested as he didn’t discover the bug himself, but wanted to be 100% sure it was reported to the Chromium team.
There has been no statement from either company about this communication gap yet.
60392
