https://www.theregister.co.uk/2019/08/22/valve_bug_bounty_steam_u_turn/

Games giant Valve is attempting to make nice with the infosec bod who disclosed zero-day exploits for vulnerabilities in Steam after the corporation refused to pay out bug bounties for the flaws.

On Thursday, Valve said it would patch both of the holes discovered by bug-hunter Vasily Kravets, and will consider reinstating Kravets into the biz's bug bounty program, run by HackerOne. "We have released updates to the Steam Client public beta channel to address these issues, and we have already pushed some initial fixes to all users," the US corp told us.