disclose / research-threats

Collection of legal threats against good faith Security Researchers; vulnerability disclosure gone wrong. A continuation of work started by @attritionorg
https://threats.disclose.io/
Creative Commons Zero v1.0 Universal

Remove VLC from the repo #12

Open macdrai opened 3 years ago

macdrai commented 3 years ago

As much as I appreciate you compiling and shaming companies that threaten researchers, it is clear that the research team at Secunia were more interested in propping up their brand than in actually researching and helping the open source project.

I understand that lawyering up is not the most optimal solution, but here, it is clearly a case where they are not actually pointing out a vulnerability, just trying to get a nice trophy and holding on to it as long as possible.

attritionorg commented 3 years ago

"If you do not correct yourself in the next 24hours, we will therefore take judicial action."

That is a clear legal threat. Unfortunately the email that contains that is not well-written overall and it is difficult to figure out the actual full dialog between Secunia and VLC. Without that, we can only really go off what is available.

I'm not sure what the "nice trophy" refers to. Secunia, during that time period, had a group of researchers that routinely disclosed vulnerabilities in a wide variety of products and released advisories covering that information. If memory serves, they coordinated disclosure many times so it wasn't a policy to blindside vendors or only post advisories for attention, although that is certainly a side benefit after the fact for any company doing research.

sickcodes commented 2 years ago

Looking at the vulnerability, it seems legitimate, https://web.archive.org/web/20161231113619/http://secunia.com/advisories/51464/

Release Date: 2012-12-12
Last Update: 2015-02-06
Views: 27,627
Secunia Advisory SA51464
Kaveh Ghaemmaghami has discovered a vulnerability in VLC Media Player, which can be exploited by malicious people to potentially compromise a user's system

https://trac.videolan.org/vlc/ticket/7860

VLC threatened legal action, claiming this tweet was "screenshot by a lawyer": https://twitter.com/Secunia/status/336497866308743169

I can see they ended up fixing it,

"If you do not correct yourself in the next 24hours, we will therefore take judicial action."

A lot has changed since 2013-05-22, namely the volume of vulnerability reports, so I think this should stay; it reflects an older, fast-paced way of dealing with bugs. Threatening someone with legal action, while they could be on holidays, for example, is weird and should stay in the repo for sure.

If you agree, @macdrai, feel free to close the issue; I'll add the missing links too.

sickcodes commented 2 years ago

https://github.com/disclose/research-threats/commit/123852248942744b2f5fa9f0ec2417f47878a297