I know some of them in person as I'm involved in the bug bounty scene myself. What they work on varies depending on skill set and interest. I do not personally know any security researchers with high impact vulnerabilites in iOS but those people get paid millions and you'll never hear about them.
What I do know is that they tend to sell their exploits through exploit brokers like Zerodium.
No comments yet.