CTS-Labs finds a bunch of AMD vulns which is great. Seems like AMD is working on firmware patches that should be out shortly.
But the whole thing looks like a publicity stunt and/or a way to financially gain by shorting AMD stock.
And they only gave AMD 24 hours notice before public disclosure. If this becomes the norm, you’ll see more companies trying to suppress vulnerability disclosures using lawyers or the courts and I would not blame them.