V








I Saved Injective's $500M. They Pay Me $50K.

I like hunting bugs on @immunefi. I'm decent at it.

- #1 — Attackathon | Stacks
- #2 — Attackathon | Stacks II
- #1 — Attackathon | XRPL Lending Protocol
- 1 Critical and 1 High from bug bounties (not counting this one)

Life was good.

Then I found a Critical vulnerability in @injective. This vulnerability allowed any user to directly drain any account on the chain. No special permissions needed. Over $500M in on-chain assets were at risk.

I reported it through Immunefi. The next day, a mainnet upgrade to fix the bug went to governance vote. The Injective team clearly understood the severity.

Then — silence. For 3 months. No follow up. No technical discussion. Nothing.

A few days ago, they notified me of their decision: $50K. The maximum payout for a Critical vulnerability in their bug bounty program is $500K.

I disputed it. Silence again. No explanation for the reduced payout. No explanation for the 3 month ghost. No conversation at all.

To be clear: the $50K has not been paid either.

I've seen others share bad experiences with bug bounty payouts recently. I never thought it would happen to me.

I can't force them to do the right thing. But I won't let this be forgotten. I will dedicate 10% of all my future bug bounty earnings to making sure this story stays visible — until Injective pays what I deserve.

Full Technical Report: github.com/injective-wall…


❄️ January payouts to hackers totaled $594,280

Huge thanks to every hacker with a valid find — you’re absolute legends. Keep hunting!

🏆 Top Bug Bounty Payouts:

JRHL — $112,000
chaitealatte — $100,000
@kxrd36 — $100,000
nk11 — $75,000
@VulsightSec — $50,000
@0xvivekd — $20,000

..And speaking of remarkable community wins in December’25, researcher Jinxorder has now crossed $1,100,000 in a single reward on HackenProof — a milestone backed by consistent performance across programs. 🙌

More targets, more bugs, more wins — see you in the next month.

‼️Meet the man who ran "CrazyRDP," the largest bulletproof hoster ever seized, where criminals hosted malware and scams, and pedophiles hosted CSAM. His name is Mohammad Tareq Sahebzadah, a Dutch national of Afghan descent.












