Security researcher Micah Lee reveals ICEBlock's server runs outdated Apache software with known critical vulnerabilities, including CVE-2024-38476. Despite multiple responsible disclosure attempts, developer Joshua Aaron ignored warnings and blocked the researcher, leaving over one million users potentially at risk.