San Francisco security researcher Noah Roskin-Frazee and a co-defendant were charged with allegedly defrauding Apple by using a password reset tool to break into the account of...
The timing is probably just coincidence. He probably submitted a bug bounty weeks or months earlier and it just now got included in release notes
The fraudulent orders happened a few years ago, which was alleged recently
The indictment states that the pair attempted to fraudulently obtain over $3 million from Apple through more than two dozen fraudulent orders. For orders that did complete, they obtained around $2.5 million in electronic gift cards and more than $100,000 in “products and services.” The scheme started in December 2018 and continued until at least March 2019.
The fraudulent orders happened a few years ago, which was alleged recently