<![CDATA[I've tried to report a security vulnerability to @signalapp for months now (first attempt was 2025-11-23 to the official security-at email address).]]>I've tried to report a security vulnerability to @signalapp for months now (first attempt was 2025-11-23 to the official security-at email address). I haven't gotten any response from them, even after repeated attempts. This is highly frustrating.

Is there a way to reach them? I don't need any kind of special treatment, just someone acknowledging that the message has been received would be okay.

]]>https://board.circlewithadot.net/topic/a8b680df-33ab-4ec9-8ff9-7c6f0b3921d9/i-ve-tried-to-report-a-security-vulnerability-to-@signalapp-for-months-now-first-attempt-was-2025-11-23-to-the-official-security-at-email-address-.RSS for NodeFri, 15 May 2026 05:12:08 GMTWed, 22 Apr 2026 21:06:25 GMT60<![CDATA[Reply to I've tried to report a security vulnerability to @signalapp for months now (first attempt was 2025-11-23 to the official security-at email address). on Thu, 23 Apr 2026 10:58:09 GMT]]>@Netux @signalapp I of course included PoC. This is no my first ride.

]]>https://board.circlewithadot.net/post/https://infosec.exchange/users/harrysintonen/statuses/116453663661644673https://board.circlewithadot.net/post/https://infosec.exchange/users/harrysintonen/statuses/116453663661644673Thu, 23 Apr 2026 10:58:09 GMT<![CDATA[Reply to I've tried to report a security vulnerability to @signalapp for months now (first attempt was 2025-11-23 to the official security-at email address). on Thu, 23 Apr 2026 08:38:50 GMT]]>@harrysintonen @signalapp use it to send them something that demonstrates the problem? Like their screenshot or password, whatever the issue is.

]]>https://board.circlewithadot.net/post/https://mastodon.sdf.org/users/Netux/statuses/116453115854603807https://board.circlewithadot.net/post/https://mastodon.sdf.org/users/Netux/statuses/116453115854603807Thu, 23 Apr 2026 08:38:50 GMT<![CDATA[Reply to I've tried to report a security vulnerability to @signalapp for months now (first attempt was 2025-11-23 to the official security-at email address). on Thu, 23 Apr 2026 07:12:46 GMT]]>@harrysintonen @signalapp @Mer__edith might care.

]]>https://board.circlewithadot.net/post/https://social.finkhaeuser.de/users/jens/statuses/116452777412354274https://board.circlewithadot.net/post/https://social.finkhaeuser.de/users/jens/statuses/116452777412354274Thu, 23 Apr 2026 07:12:46 GMT<![CDATA[Reply to I've tried to report a security vulnerability to @signalapp for months now (first attempt was 2025-11-23 to the official security-at email address). on Thu, 23 Apr 2026 06:55:03 GMT]]>@harrysintonen @signalapp CC @fj You still know any folks there who might be able to help (themselves, I guess, at this point?)

]]>https://board.circlewithadot.net/post/https://mastodon.ar.al/users/aral/statuses/116452707790159827https://board.circlewithadot.net/post/https://mastodon.ar.al/users/aral/statuses/116452707790159827Thu, 23 Apr 2026 06:55:03 GMT<![CDATA[Reply to I've tried to report a security vulnerability to @signalapp for months now (first attempt was 2025-11-23 to the official security-at email address). on Thu, 23 Apr 2026 06:27:04 GMT]]>@harrysintonen @signalapp cc: @soatok

]]>https://board.circlewithadot.net/post/https://chaos.social/users/tris/statuses/116452597729275735https://board.circlewithadot.net/post/https://chaos.social/users/tris/statuses/116452597729275735Thu, 23 Apr 2026 06:27:04 GMT<![CDATA[Reply to I've tried to report a security vulnerability to @signalapp for months now (first attempt was 2025-11-23 to the official security-at email address). on Thu, 23 Apr 2026 06:14:40 GMT]]>@harrysintonen similar experience reporting bugs here, all mine ended in WONTFIX or closed for inactivity after years. I just didn’t cared anymore

]]>https://board.circlewithadot.net/post/https://infosec.exchange/users/pancake/statuses/116452548980500415https://board.circlewithadot.net/post/https://infosec.exchange/users/pancake/statuses/116452548980500415Thu, 23 Apr 2026 06:14:40 GMT<![CDATA[Reply to I've tried to report a security vulnerability to @signalapp for months now (first attempt was 2025-11-23 to the official security-at email address). on Wed, 22 Apr 2026 21:25:20 GMT]]>@harrysintonen @signalapp

Adding @Mer__edith

]]>https://board.circlewithadot.net/post/https://social.linux.pizza/users/leffe/statuses/116450467526029026https://board.circlewithadot.net/post/https://social.linux.pizza/users/leffe/statuses/116450467526029026Wed, 22 Apr 2026 21:25:20 GMT