It’s good to see that the attitude towards public disclosure of PoC exploits has shifted. The criticism of researchers who decide to jump the gun is deserved but, collectively, we need to focus on setting up more robust disclosure processes for everyone so that the public PoC scenario is not repeated the next time a vulnerability like Log4Shell is discovered.
Read full article on Help Net Security