Top10 publishers:
bobrov60 
isox36 
4lemon34 
zombiehelp5430 Twitter
ston327 
smiegles27 Twitter
shahmeer_amir26 
jobert26 
haquaman26 
guido26 Twitter

the unofficial HackerOne disclosure timeline.

X
ICQ disclosed a bug submitted by linkks 
Apache Server-Status Detected
17 Jul 2017 timeline
Mixmax disclosed a bug submitted by konkakarthik 
mailbomb through invite feature on chrome addon
16 Jul 2017 timeline
HackerOne disclosed a bug submitted by h33t 
Invitation tokens leak to Google Analytics
16 Jul 2017 timeline
Mixmax disclosed a bug submitted by michan001 
no string size restriction on team name
16 Jul 2017 timeline
Legal Robot disclosed a bug submitted by goodhackonly 
Missing link to 2FA recovery code
15 Jul 2017 timeline
Slack disclosed a bug submitted by fbogner 
Code Injection in Slack's Windows Desktop Client leads to Privilege Escalation
14 Jul 2017 timeline
Nextcloud disclosed a bug submitted by xyberwolf 
Directory Listing In Subdomain Of nextcloud.com
14 Jul 2017 timeline
WordPress disclosed a bug submitted by eidelweiss 
Stored self-XSS in mercantile.wordpress.org checkout
14 Jul 2017 timeline
concrete5 disclosed a bug submitted by bl4de 
Stored XSS in Headline TextControl element in Express forms [ concrete5 8.1.0 ]
14 Jul 2017 timeline
ToyTalk disclosed a bug submitted by saidon_1015 
Host Header Injection and Cache Poisoning
13 Jul 2017 timeline
Uber disclosed a bug submitted by arneswinnen 
Authentication bypass on auth.uber.com via subdomain takeover of saostatic.uber.com
13 Jul 2017 timeline
Mapbox disclosed a bug submitted by sahilsaif 
Public access to objects in AWS S3 bucket
12 Jul 2017 timeline
Trello disclosed a bug submitted by b14ck_eye 
Unpatched (https://hackerone.com/reports/221928)- Unviladate File Upload to XSS on trello-attachment Bucket
12 Jul 2017 timeline
Algolia disclosed a bug submitted by an0n-j 
SAUCE Access_key and User_name leaked in Travis CI build logs
12 Jul 2017 timeline
The Internet disclosed a bug submitted by magnusstubman 
ntpd: read_mru_list() does inadequate incoming packet checks
12 Jul 2017 timeline
The Internet disclosed a bug submitted by claudijd 
Mercurial can be tricked into granting authorized users access to the Python debugger
12 Jul 2017 timeline
Trello disclosed a bug submitted by ajdumanhug 
Cross-Site Scripting on Trello's iPhone App
12 Jul 2017 timeline
Shopify disclosed a bug submitted by pappan 
SQL Exception thrown during product import
12 Jul 2017 timeline
Gratipay disclosed a bug submitted by hunter012 
This is a test report
11 Jul 2017 timeline
Mapbox disclosed a bug submitted by geeknik 
null pointer dereference and segfault in tile-count-merge
11 Jul 2017 timeline
1 2 3 4 ... 208
Follow @disclosedh1 on twitter to receive updates when a new bug is disclosed!
Twitter
BY DENIS WERNER - @NOBBD - IMPRESSUM