FuzzingLabs has accused Gecko Security of copying its vulnerability disclosures, including PoCs, of re-submitting CVEs, and of backdating blog posts to appear older. Gecko denies wrongdoing, attributing the overlaps to misunderstandings and coordination issues, while the cybersecurity community questions the claims.
Key points
- FuzzingLabs alleges that Gecko Security copied vulnerability PoCs and claimed credit for CVEs.
- The vulnerabilities involved include an Ollama server token theft and a Gradio DoS attack.
- FuzzingLabs found evidence of copied work and backdated blog posts by Gecko Security.
- The two companies have responded differently, with Gecko denying intentional plagiarism.
- The dispute highlights challenges in responsible disclosure and credit in cybersecurity research.