Hacking Millions of Modems (and Investigating Who Hacked My Modem)
https://samcurry.net/hacking-millions-of-modems
@DevMisc
#security #writeup #misc
The author discovered that someone was intercepting and replaying his web traffic, which indicated his home network or modem had been compromised. After investigating, he found the IP address belonged to DigitalOcean and had previously been used for phishing and malware campaigns. The author was unable to keep the potentially compromised modem when getting a replacement, so he had to give it back to his ISP, Cox. Years later, the author's cybersecurity friends looked into the incident further and discovered the IP address was part of a domain generation algorithm used by malware. They also found that the Cox business portal had an exposed API that could be used to access and control customer modems without authorization. The author reported the vulnerabilities to Cox, who quickly fixed the issues.
$50k how Zendesk left a backdoor in Fortune 500 companies
https://gist.github.com/hackermondev/68ec8ed145fcee49d2f5e2b9d2cf2e52
@DevMisc
#security #bugbounty #writeup #misc
- Zendesk Vulnerability: A single bug in Zendesk allowed attackers to access customer support tickets from various Fortune 500 companies due to inadequate email spoofing protection.
- Security Risks: Connecting Zendesk to company domains used for Single Sign-On (SSO) created potential security gaps, enabling unauthorized access to internal systems.
- Email Spoofing Exploit: The vulnerability exploited Zendesk's ticketing system, where attackers could impersonate legitimate users and gain full access to ongoing support conversations.
- Bug Bounty Program Issues: Initial reporting of the vulnerability through Zendesk's bug bounty program was rejected as "out of scope," highlighting flaws in their triage process.
- Escalation to Slack Access: The author replicated a previous exploit to gain access to private Slack channels of multiple companies by leveraging the same vulnerability in conjunction with Apple's email verification process.
- Complex Attack Steps: The attack required meticulous planning, including creating accounts and spoofing emails to exploit the vulnerability effectively.
- Pressure on Zendesk: The author reported the vulnerability to affected companies, which pressured Zendesk to take action, leading to eventual acknowledgment and a fix after months of delay.
- Financial Rewards: The author earned over $50,000 in bug bounties from individual companies for reporting the vulnerability, despite Zendesk refusing to award any bounty.
- Zendesk's Response: After a lengthy period, Zendesk implemented fixes, including improved spam filtering and sender authentication, but did not recognize the initial report.
- Bug Hunting Reality: The experience underscores the unpredictable nature of bug hunting, where outcomes can vary significantly, and recognition may not always follow successful disclosures.
Exploiting vulnerabilities in Cellebrite UFED and Physical Analyzer from an app's perspective (2021)
https://signal.org/blog/cellebrite-vulnerabilities
@DevMisc
#security #signal #writeup
Cellebrite makes software to automate physically extracting and indexing data from mobile devices. They exist within the grey – where enterprise branding joins together with the larcenous to be called “digital intelligence.” Their customer list has included authoritarian regimes in Belarus, Russia, Venezuela, and China; death squads in Bangladesh; military juntas in Myanmar; and those seeking to abuse and oppress in Turkey, UAE, and elsewhere. A few months ago, they announced that they added Signal support to their software.