I still have two pending disclosures for critical browser extension vulnerabilities. One was reported more than two months ago, the other slightly less. Just checked, neither has been resolved yet. I guess they want to cut it close to the deadline. Sending reminders… 🙄
A Mastodon instance for info/cyber security-minded people.