Afaik most of new casino like this usually don’t invest much on public bug bounty program so what you are doing is just a volunteer work and you don’t need to demand them to pay you.
Yes, most new casinos do not have bug bounty programs. But, generally, when someone reports a serious vulnerability which may put customers funds or data to risk, they usually give a reward to the reporter as a gesture of gratitude (the reward can be in any form like special badge or membership, not necessarily money).
Meaning that they are already aware and probably fixed so your warning here is already not valid. Your negative comment is an obvious retaliation for not paying to your volunteer service.
This is what bug hunters usually do. They publicly disclose the vulnerability after being sure it has been fixed.
Vulnerabilities have been found on the world's most popular websites (Google, fb..). So, OP should not take this personally.