I bypassed AWS API Gateway auth with a trailing slash. Got $12K bounty (opens in new tab)

This is going to make a lot of DevOps engineers audit their setups today

Nice, you got paid 12k for a defect that could've cost them millions