That's pretty bad ... So many Fortune 500 companies using Node couldn't fork some spare change to keep themselves (and us) safe ...
benoau•11m ago
It's not that they're out of funding per-se:
> The discovery landscape is changing. AI-assisted research is expanding vulnerability discovery across the ecosystem, increasing both coverage and speed. The balance between findings and remediation capacity in open source has substantively shifted. We have a responsibility to the community to ensure this program effectively accomplishes its ambitious dual purpose: discovery and remediation. Accordingly, we are pausing submissions while we consider the structure and incentives needed to further these goals.
GeoSys•41m ago
benoau•11m ago
> The discovery landscape is changing. AI-assisted research is expanding vulnerability discovery across the ecosystem, increasing both coverage and speed. The balance between findings and remediation capacity in open source has substantively shifted. We have a responsibility to the community to ensure this program effectively accomplishes its ambitious dual purpose: discovery and remediation. Accordingly, we are pausing submissions while we consider the structure and incentives needed to further these goals.
https://hackerone.com/ibb?type=team