For security issues with Hacker News, please visit https://news.ycombinator.com/security.html.
Y Combinator considers the security of our systems and applications to be of the utmost importance.
Y Combinator welcomes input from the security research community. Through responsible disclosure we hope to improve the security of our applications and user data. To that end, we encourage security researchers to notify us of any potential vulnerabilities uncovered to firstname.lastname@example.org. Reports received through this channel should receive a prompt reply and if you do not receive a timely response we ask that you please attempt to contact us again. To protect our users we also request that you please refrain from sharing information about any potential vulnerabilities with anyone outside of YC. Once we have confirmed the vulnerability and mitigation we hope that you will join us in an announcement.
While researching, we'd like to ask you to refrain from:
We do pay bug bounties at our discretion for significant vulnerabilities responsibly disclosed.
Thanks to the following people who have discovered and responsibly disclosed security holes in Y Combinator software.
20180304 Arkadiy Tetelman
20180313 Wai Yan Aung
20180429 Mohamed Sayed
20180501 Wai Yan Aung
20180501 Faizal Abroni
20180917 Philip Thomas
20181023 Philip Thomas
20200714 Pritam Mukherjee
20200720 Shiraz Ali Khan
20201124 Anil Bhatt
20210524 Kuter Dinel
20220121 Shishir Shrestha