Top10 publishers:
bobrov107 
sp1d3rs54 
jobert45 
bl4de39 
bigbear_38 
guido38 Twitter
isox36 
4lemon35 
linkks35 
geeknik35 

the unofficial HackerOne disclosure timeline.

X
Shopify disclosed a bug submitted by masterhackor 
Cross Site Scripting at https://app.oberlo.com/
26 May 2019 timeline
TomTom disclosed a bug submitted by daniel_v 
Exposed Git Repo at http://betaforum.tomtom.com/.git/{subfolders}
26 May 2019 timeline
Tron Foundation disclosed a bug submitted by rhynorater 
Private key "tron" leaked via Travis CI Log
26 May 2019 timeline
Automattic disclosed a bug submitted by foobar7 
WooCommerce: Persistent XSS via customer address (state/county)
26 May 2019 timeline
curl disclosed a bug submitted by microsoftwindows29 
Github wikis are editable by anyone #Githubwikistakeover
25 May 2019 timeline
Twitter disclosed a bug submitted by cy1337 
HTTPS is not validating TLS mac codes
25 May 2019 timeline
Khan Academy disclosed a bug submitted by hanno 
https://mathfacts.khanacademy.org/ includes code from unprivileged localhost port
25 May 2019 timeline
Alliance of American Football disclosed a bug submitted by gujjuboy10x00 
Stored xss in address field in billing activity at https://shop.aaf.com/Order/step1/index.cfm
25 May 2019 timeline
Homebrew disclosed a bug submitted by keeleysam 
Homebrew installed LaunchDaemons create simple root esclations
24 May 2019 timeline
Vanilla disclosed a bug submitted by alb3r7 
Stored XSS in vanilla
24 May 2019 timeline
Valve disclosed a bug submitted by njbooher 
ISteamAssets gives partners control over unrelated community market transactions
23 May 2019 timeline
GitLab disclosed a bug submitted by iframe 
The ability to pull out the domain and the mail part associated with the user account [gitter.im]
22 May 2019 timeline
Shopify disclosed a bug submitted by corb3nik 
H1514 [*.(my)shopify.com] - Viewing Password Protected Content
22 May 2019 timeline
Starbucks disclosed a bug submitted by wa1m3im 
Reflected XSS in https://www.starbucks.co.jp/store/search/
22 May 2019 timeline
Starbucks disclosed a bug submitted by 0xpatrik 
Subdomain takeover of mydailydev.starbucks.com
22 May 2019 timeline
Grammarly disclosed a bug submitted by karimpwnz 
Employee's GitHub Token Found In Travis CI Build Logs
22 May 2019 timeline
Revive Adserver disclosed a bug submitted by paulos_ Twitter
Authentication Bypass by abusing Insecure crypto tokens in /lib/OA/Dal/PasswordRecovery.php:
21 May 2019 timeline
Tor disclosed a bug submitted by xiaoyinl 
Detecting Tor Browser UI Language
21 May 2019 timeline
ok.ru disclosed a bug submitted by linkks 
Cisco ASA Denial of Service & Path Traversal (CVE-2018-0296)
20 May 2019 timeline
1 2 3 ... 339
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM