Last revised: 30/03/2025
At EX.CO, we take security seriously and are committed to protecting the data and privacy of our users and partners. We recognize the valuable role that security researchers play in improving online safety and welcome responsible disclosures of security vulnerabilities.
If you believe you’ve found a vulnerability affecting any part of our platform, we ask that you report it to us through our official bug bounty program.
We ask that researchers:
Report vulnerabilities only via our OpenBugBounty profile
Do not exploit or abuse the vulnerability
Avoid accessing or modifying user data
Refrain from any activity that could disrupt services (e.g., DDoS, brute force)
Only test systems under the https://ex.co domain or related subdomains
Allow us reasonable time to investigate and remediate the issue
Please report vulnerabilities through our official OpenBugBounty page:
👉  https://www.openbugbounty.org/bugbounty/EXCOTECHNOLOGIESLTD
This ensures your report is handled quickly and securely by our security team.
A timely response via the OpenBugBounty platform
Recognition for valid, impactful submissions
Possible non-monetary rewards or public acknowledgment
A safer experience for our users—thanks to you!
We greatly appreciate your help in keeping EX.CO secure.