Kostya Kortchinsky @crypt0ad
🇫🇷 grep'ing for memcpy() since 2002AD. Currently @ Databricks. Formerly GOOG, MSFT. Tweets are my own, and sometimes attempts at being funny.
Seattle, WA. Joined April 2011.
Tweets: 3K | Followers: 8K | Following: 139 | Likes: 4K
This is that time of the year! Submit and come to Paris to share your shiniest research 🌟
📢 CALL FOR PAPERS IS OPEN! 📢 Ready to share your latest security research with the community at Hexacon? The stage is yours. Submit your talks here: hexacon.fr/conference/cal… 💻✨
A recent meal aboard the Lincoln CSG, fighting for months off the coast of Iran. Sailors reportedly say ships in the region have been rationing food supplies as the deployment wears on -USA Today
US medical device maker Stryker hit with cyberattack from Iranian hacktivists who remotely wiped employee devices. "many employees have had their device data wiped and cannot access their accounts" Stryker makes surgical/imaging equipment, defibrillators corkbeo.ie/news/local-new…
The real story is worse. November 2025: Amazon mandates Kiro as their only AI coding tool. Sets an 80% weekly usage target. 1,500 engineers protest internally, saying Claude Code outperforms it. Leadership pushes through anyway. December: Kiro autonomously deletes a production AWS environment. 13-hour outage. Amazon's response: "user error, not AI autonomy." March 5: Amazon[.]com goes down for 6 hours. Checkout, pricing, accounts — all gone. Now the same SVP who co-signed the Kiro mandate is running an emergency meeting about "high blast radius" incidents from "Gen-AI assisted changes." The agent inherited a senior engineer's permissions and acted like one — except it doesn't hesitate. 1,500 engineers said the tool wasn't ready. Leadership made adoption a KPI. Amazon told Wall Street it's spending $200B on AI this year. They can't walk it back. This isn't an AI failure. It's what happens when adoption becomes a corporate OKR before the review process catches up. The tools work. The org chart didn't.
BREAKING: Amazon reportedly holds mandatory meeting after “vibe coded” changes trigger major outages.
Just derestricted a now-fixed kernel bug in Pixel 10. I think this ranks as the most easily exploited kernel bug of all time😬 Thanks to @tehjh for collab'ing on this driver and full credits for noticing this bug in the first 5 minutes of auditing😂 project-zero.issues.chromium.org/issues/4634382…
We're introducing Codex Security. An application security agent that helps you secure your codebase by finding vulnerabilities, validating them, and proposing fixes you can review and patch. Now, teams can focus on the vulnerabilities that matter and ship code faster. openai.com/index/codex-se…
SCOOP: Top investigators at Binance were fired after they uncovered evidence of more than $1 billion in Tether flowing to Iranian entities through the exchange in potential violation of sanctions laws. fortune.com/2026/02/13/bin… New piece w/ @bdanweiss
Introducing the Codex app—a powerful command center for building with agents. Now available on macOS. openai.com/codex/
Rapid7 dropped a write-up on the Notepad++ update-chain abuse and - finally - it comes with real IOCs - update.exe downloaded from 95.179.213[.]0 after notepad++.exe -> GUP.exe - file hashes for update.exe / log.dll / BluetoothService.exe / conf.c / libtcc.dll - network IOCs incl. api[.]skycloudcenter[.]com (-> 61.4.102[.]97), api[.]wiresguard[.]com, 59.110.7[.]32, 124.222.137[.]114 by @rapid7 rapid7.com/blog/post/tr-c…
This is bad. Putty level bad. notepad-plus-plus.org/news/hijacked-…
At #Pwn2Own Berlin 2025, a full exploit chain against VMware Workstation was demonstrated via a heap overflow in the PVSCSI controller. Despite Windows 11 LFH mitigations, advanced heap shaping and side-channel techniques enabled a reliable exploit. 🔍 Full technical write-up 👇 synacktiv.com/en/publication…
Verified! @Synacktiv chained two vulnerabilities - an information leak and an out‑of‑bounds write - to achieve a full win in the Tesla Infotainment USB‑based Attack category, earning $35,000 USD and 3.5 Master of Pwn points. #Pwn2Own #P2OAuto
Blog post: On the Coming Industrialisation of Exploit Generation with LLMs sean.heelan.io/2026/01/18/on-… TL;DR: I ran an experiment with GPT-5.2 and Opus 4.5 based agents to generate exploits for a zeroday QuickJS bug. They're pretty good at it. Code: github.com/SeanHeelan/ana…
@seanhn SROP chain, exit handler to setcontext+0x35, uc with rip=syscall_gadget,rsp=&frame1,rax=SYS_rt_sigreturn,uc.ssp=leaked_ssp and then build frames with rip to syscall, rax to SYS_*, regs to params, and rsp to next frame. No returns, but leaked_ssp required?
@seanhn AI says to make the exit handler call a libc context-switch gadget (setcontext+0x35 or the like) and drive a tiny ROP chain that does openat/write/close. __exit_funcs flavor ef_cxa, fn=setcontext,arg=&uc. With uc rsp=&rop[0],rip=ret_gadget, registers as needed
Halvar Flake @halvarflake
45K Followers 3K Following Choose disfavour where obedience does not bring honour. I do math. And was once asked by R. Morris Sr. : "For whom?" @[email protected]
lcamtuf @lcamtuf
40K Followers 498 Following Substack: https://t.co/yFvmNisGW3 Homepage: https://t.co/iFAXZxCO5H
Brendan Dolan-Gavitt @moyix
33K Followers 6K Following Building offsec agents: https://t.co/G9EtnC2Gl3 PGP https://t.co/3WXr0RfRkv
thaddeus e. grugq @thegrugq
128K Followers 420 Following Hacker :: PhD researcher @warstudies @KingsCollegeLon :: [email protected] :: PGP https://t.co/dYipV8y3bo
Greg Linares (Laughin... @Laughing_Mantis
37K Followers 2K Following 20+ yrs in Infosec. Malware Influencer. I turn Malware into Art and Music. Art @MalwareArt. 4x Pwnie Nominee. 𝕍𝕏. GameDev. Autistic.
Richard Johnson @richinseattle
19K Followers 3K Following Computer Security, Reverse Engineering, and Fuzzing; Training & Publications @ https://t.co/mloVP6rPB7; hacking the planet since 1995; Undercurrents BOFH
Justin Elze @HackingLZ
71K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
Will Dormann is on Ma... @wdormann
27K Followers 1K Following I play with vulnerabilities and exploits. I used to be here on Twitter but now I'm here: @[email protected] https://t.co/hXggdAVkSQ
ϻг_ϻε @steventseeley
23K Followers 557 Following Artist disguised as a logician. Pwn2Own Winner. Spiritual Alchemy. An adept in the making.
Alex Plaskett @alexjplaskett
14K Followers 585 Following Security Researcher | Pwn2Own 2018, 2021, 2022, 2024 | Posts about 0day, OS, mobile and embedded security.
Ange @angealbertini
25K Followers 919 Following Reverse engineer, file formats expert. Corkami, CPS2Shock, PoC||GTFO, Sha1tered, Magika... Security engineer @ Google. He/him.
Thomas Roccia 🤘 @fr0gger_
35K Followers 2K Following AI Security x Threat Intel · Threat Researcher · Creator of #Unprotect & #NOVA · Malware Warlock · Python 🧡 · Prev @Microsoft @McAfee_Labs
chrisrohlf @chrisrohlf
11K Followers 926 Following Waging algorithmic warfare since 2003. Engineer, Researcher. MTS @ Anthropic, Non-Resident Research Fellow @CSETGeorgetown CyberAI
Hash Miser @H_Miser
9K Followers 1K Following Internet janitor, #CERT #BlueTeam and Whisk(e)y enthusiast "Everything you do is useless ! Enjoy 🍻" [email protected] https://t.co/pBOfukJZJi
Nicolas Grégoire @Agarri_FR
28K Followers 628 Following Web hacker and Burp Suite Pro trainer Refer to https://t.co/D5tRH7U2hg for trainings Follow @MasteringBurp for free tips and tricks
James Forshaw @tiraniddo
49K Followers 336 Following Security researcher in Google Project Zero. Author of Attacking Network Protocols. Tweets are my own etc. Mastodon: @[email protected]
Maddie Stone @maddiestone
62K Followers 796 Following Security Researcher. Previously Google Project Zero and TAG | 0days all day. Love all things bytes, assembly, and glitter. she/her.
Ivan Fratric 💙💛 @ifsecure
19K Followers 209 Following Tech lead and security researcher at Google Project Zero. Author: Jackalope, TinyInst, WinAFL, Domato. PhD. Tweets are my own. Backup @[email protected]
Quý Thiện Nguyễn @QTN9527
0 Followers 69 Following
Ngoc Trần @NgocTrn88192890
8 Followers 502 Following
Shivani Singh @shi2000vani2000
1 Followers 7K Following
Calif @calif_io
5K Followers 30 Following We're https://t.co/KTEDnC2VUV. Join us to make the Internet safer for your mum and everyone else: https://t.co/eUFMLkW9t2.
coddrake @coddrakebr
9 Followers 91 Following Red Team Operator, Cyber Threat Intelligence, Malware Researcher
Michael Williams @MichaelWil7yf
0 Followers 64 Following
Yazidou @xacone_
1K Followers 265 Following Another infosec noobie | training @hackthebox_eu | https://t.co/GjpAvsvC93 | 🏴☠️
James Ibrahim @JamesIb54140322
51 Followers 4K Following
DiegoAltF4 @Diego_AltF4
706 Followers 2K Following Binary Exploitation & Fuzzing enthusiast with a special focus on Hypervisors
Zihao Zhang 🍓 @zzh8829
929 Followers 1K Following 🍓🧑🌾🌦️ @OpenAI | @AlertyAI @Zeet_Co @fdotinc @google @twitch @amazon @square @yelp @yahoo
Nico Heijningen @NicoHeijningen
58 Followers 2K Following
Ant Burton @apburton84
34 Followers 542 Following Data Sorcerer 🧙♂️ Unleashing powerful insights as a Lead Data Scientist. Let's make data magic! ✨
Merritt Baer @MerrittBaer
13K Followers 8K Following Chief Security Officer @enkryptai. company advisor. former: @AWS OCISO, USG security. work: emerging tech, infosec, AI security, crop tops, future of internet
Alex Rad @defendtheworld
2K Followers 1K Following On a mission to make networking secure and simple. https://t.co/NnoAMwpuYA
MAk @BugBountyBeast
7 Followers 1K Following
John Walters @johnwalters1111
1K Followers 2K Following
d4rkc0nd0r @d4rkc0nd0r
272 Followers 867 Following
AMITAY GAMLIEL @AMITAYG1
394 Followers 5K Following Director of Municipal Procurement and Technologies, Or Yehuda MunicipalityExcellence is not a one-time event, but a habit that becomes part of Aristotle's way.
Crispr @crispr_x
630 Followers 421 Following CTFer@Dubhe / 2024 & 2025 MSRC MVR / Windows security / Agent security/ BlackHat USA,EU / Speaker of PoC & Re//verse Graduate for Ph.D. in Fudan University
Aamir Khan @ThatsAamir
250 Followers 1K Following Mobile and Web Application Security Analyst | Ethical Hacker | Acknowledged and Rewarded By Google, Facebook, Twitter, Microsoft and 100’s more.😎
DannyFromSafeStore @FromSafe68826
36 Followers 1K Following
Satar @satar_nz
586 Followers 7K Following
gk98 @98erKAG
41 Followers 2K Following
Quang Nguyen @develbranch
1 Followers 313 Following
RealVovochka @TobyFrei4
759 Followers 1K Following Decentralization Maxi | On-chain sleuth | Investigator
Alex Dimakis @AlexGDimakis
24K Followers 3K Following Professor, UC berkeley | Founder @bespokelabsai |
T1nt1n @t1nt1nsn0wy
679 Followers 5K Following Noobie H4CK3R and researcher at @qualys. Prev @pwc. Views are my own :)
Angelboy @scwuaptx
6K Followers 988 Following Senior Security Researcher at @d3vc0r3 MSRC 2024/2025 MVR Top 100
Sayed Abdelhafiz @dPhoeniixx
3K Followers 779 Following
curiouspocket @curiouspocket
0 Followers 465 Following
benji net and yahoo @neggajuus
130 Followers 2K Following ex bcg - they fucked me up so bad I did a genocide.
theodorosc ⚡ @theodorosc
1K Followers 4K Following
Evan Jiang @JiangEvan31455
3 Followers 226 Following
jfg @fourierproject
50 Followers 236 Following working on https://t.co/GVoMh1c9Tv - filtering for high signal people and information
Guillaume Juret @GuillaumeJuret
0 Followers 30 Following
Don Romano @don_romanooo
15 Followers 231 Following
DEepidictlibrot @epidictlibrotde
103 Followers 6K Following
hamidu nuhu @hamidunuhu75963
1 Followers 55 Following
mdowd @mdowd
33K Followers 754 Following Internet Hacker. Founder of @vigilant_labs. Previously, co-founder of Azimuth Security (now L3Harris Trenchant)
Project Zero Bugs @ProjectZeroBugs
37K Followers 0 Following A bot that posts the latest blog posts and disclosures from Google's Project Zero
TrendAI Zero Day Init... @thezdi
89K Followers 16 Following TrendAI Zero Day Initiative™ (ZDI) is a program designed to reward security researchers for responsibly disclosing vulnerabilities.
Mari0n @pinkflawd
12K Followers 608 Following nutcracker by heart • tweets are my own, but if someone wants to buy them.. errr kidding
Shane Huntley @ShaneHuntley
17K Followers 1K Following Security / tech guy. Google Threat Intelligence Group but tweets are my own.
Dave Aitel @daveaitel
29K Followers 2K Following Cyber Security Researcher | Policy Analyst | Technical Team Member at OpenAI | @[email protected]
Rodrigo Branco @bsdaemon
13K Followers 4K Following Chief Architect, Security Research of BigTech Advisor of Grsecurity. BYOS Commitee Member of OffensiveCon, Langsec, DistrictCon, Secdev
Alex Ionescu @aionescu
47K Followers 2K Following Chief Technical Innovation Officer @crowdstrike. Windows Internals author and trainer. He/Him. RTs are not endorsements, opinions are my own.
Brad Spengler @spendergrsec
7K Followers 4 Following President of @opensrcsec, developer of @grsecurity Personal account
Chromium Disclosed Se... @BugsChromium
8K Followers 0 Following Tweets publicly disclosed bugs in Chromium. Not an official Google product. Run by @SecurityMB. Mastodon: @[email protected]
itszn @itszn13
11K Followers 733 Following Amy | Security researcher @ OpenAI | https://t.co/W1SE7NmCx8 | bsky: https://t.co/JBmOGE4YKO | LLM ART: https://t.co/7FtQ8O8nAW
thomas🌦 @zemnmez
4K Followers 5K Following teaching computers love @openai. previously @google @twitch @ncsc. @forbesunder30 alumnus & @defcon black badge holder
DANΞ @cryps1s
16K Followers 488 Following CISO @OpenAI | Ex-CISO @PalantirTech | Occasional Shitposter | 🇺🇸 All views are my own, not my employer. Duh. (Tweets == 30d retention)
Hexacon @hexacon_fr
6K Followers 1 Following Offensive security conference in the heart of Paris. 16-17th October 2026 Join our Discord server! https://t.co/Btl15G8LsI
Tibor Blaho @btibor91
39K Followers 2K Following Lead Engineer at @AIPRMcorp (https://t.co/fepyWfV4kA) and @lrt_co (https://t.co/p7LEvIKduG), building AIPRM for ChatGPT & Claude. Signal @ btibor.91
Martin Untersinger @martin_u
19K Followers 1K Following Journaliste au Monde (@pixelsfr), parti poster ici : https://t.co/f98azD6u0k
Tucker the Mariners P... @MarinersPup
25K Followers 14 Following The official pup of the @Mariners! Can do a barrel roll, loves fetch, will sign autographs for treats 🐾
Kim Zetter @KimZetter
94K Followers 3K Following Journalist - cyber/national security. Author - COUNTDOWN TO ZERO DAY: Stuxnet and the Launch of the World's First Digital Weapon. https://t.co/334DzfSL1f
NWS Seattle @NWSSeattle
241K Followers 428 Following Official Twitter account for the National Weather Service Seattle. Details: https://t.co/yoQbjVwBSK
TheZDIBugs @TheZDIBugs
6K Followers 2 Following Checks for high severity, 0day, or Pwn2Own related advisories published by @thezdi
Steve Weis @sweis
11K Followers 3K Following Software engineer at @anthropicai interested in cryptography, security, privacy, and machine learning.
Titanforge Podcast @TitanforgeWOW
5K Followers 61 Following Thursdays at 4:00pm PST / 1:00 CEST! A World of Warcraft PVE podcast by @trellsky, @tettles1, and @dratnos Check us out at https://t.co/UwstAlOwcR
human cpu (no longer ... @cpuGoogle
2K Followers 255 Following Fuchsia kernel (Zircon) technical lead. Follow me at the blue butterfly social network.
Governor Bob Ferguson @GovBobFerguson
379K Followers 712 Following Governor of the State of Washington
Microsoft Security Re... @msftsecresponse
145K Followers 215 Following We are the Microsoft Security Response Center. To report security vulnerabilities or abuse in Microsoft products, visit https://t.co/kxEbdfMny1.
Keystone Productions @Keystone_Prod
3K Followers 113 Following Keystone Productions | We blend cutting-edge tech with our creative flair to bring you immersive experiences like never before 📧 [email protected]
s1341 @srubenst1341
547 Followers 133 Following
SeattlePD John1 @SeattlePDJ1
1K Followers 2 Following News/events from Seattle Police. This site is not monitored. Call 911 for emergencies. Comments, list of followers subject to public disclosure (RCW 42.56).
Ronald Huizer @ronaldhuizer
425 Followers 207 Following Likes video games better than computer security. Senior security researcher.
optimyze.cloud @OptimyzeCloud
1K Followers 40 Following Hyperscaler software efficiency. For everybody. Acquired by @Elastic.
Elias Bachaalany @0xeb
3K Followers 7K Following I love learning new things, writing and teaching. Public account: @eliasbchlny
Bas @basalberts
2K Followers 527 Following
PrFalken @martinbayard
151 Followers 280 Following Cyber Security Enthusiast 🇧🇪, Metal Music Lover 🤟🏽, Cat Father 😼, Donuts Eater 🍩, He/Him ♂️. Mastodon : https://t.co/P9Aewt9zTb
Seattle Police Depart... @SeattlePD
549K Followers 1K Following Seattle PD news/events. Not Monitored. Call 911 to report emergencies. Privacy Policy: https://t.co/T5EaWoa7EZ * Preliminary Info Subject To Change
WarcraftDevs @WarcraftDevs
249K Followers 42 Following Official World of Warcraft design insights and information.
Matt Conover @w00matt
1K Followers 5K Following Founder of CloudVolumes & w00w00, Principal Engineer & Chief Architect @ VMware
Ryan Smith @hustlelabs
2K Followers 376 Following Henceforth, it is the map that precedes the territory. If we were to revive the fable, it would be the territory whose shreds are rotting across the map.
Andrey Konovalov @andreyknvl
7K Followers 860 Following Security engineer at https://t.co/027VXUlgOx. Focusing on the Linux kernel. Maintaining @linkersec. Trainings at https://t.co/D5MrxmYimS.
Vlad Tsyrklevich @vlad902
1K Followers 457 Following https://t.co/mb468IRqMU https://t.co/s3Ukqzv2wy
Infiltrate @InfiltrateCon
7K Followers 158 Following The original offensive information security conference.
🌻мара-яга¹ @marasawr
5K Followers 277 Following ¹ OG citation wizard; baddie-bonking femme them. Fmr cyber policy meganerd. the⟦y|m⟧ 🏳️⚧️ https://t.co/9ZBG9QgIEZ🦣 https://t.co/lzRk1ZO3K8
stephen @_tsuro
10K Followers 526 Following @v8js security, CTFs and CPU vulnz. LCHL. @[email protected]