Jacolon Walker @call_eax
Ex-founder | Security Researcher | 👨🌾 Homesteader
blog.stellersjay.pub
Joined May 2022
Tweets: 809 | Followers: 168 | Following: 796 | Likes: 821
The future of compute for LLM workflows is definitely running on affordable hardware at home. Privacy over handing identity over because of a use case seems overcompensating. support.claude.com/en/articles/14… - updated this week.
the watchers: how openai, the US government, and persona have been secretly running an identity surveillance system since nov 2023. vmfunc.re/blog/persona researched by @vmfunc, @MDLcsgo, @DziurwaF
Everyone using OSS harnesses for bug hunting but wouldn't you rather just build your own? I truly believe custom will outweigh the shared.
Bug trackers are some of the most informative and content rich platforms to learn about certain bug classes and how developers focus on fixes. It is always worth reading to learn and apply to your research.
@MartinShkreli Opus 4.7 and 4.8 are good. You just need to come with a good solid harness. If wanting local models qwen3 and gemma pair well together.
Oh yes
“Mom, how did we get so rich?” “Your father stopped d*cking around with bug bounty programs and sold his exploits to Western governments”
While everyone was on Holiday we scanned the Internet for #BadHost (CVE-2026-48710): zero auth required, affecting FastAPI, vLLM, LiteLLM, and many more - basically the whole AI infra stack! What we found is: clinical trial databases, email mailboxes, MCP server for SSH industrial IoT via bastion servers, and live PII APIs wide open. The FastAPI/MCP ecosystem is sitting exposed - patch to Starlette 1.0.1 NOW and check your exposure at badhost.org
@daveaitel Agreed! I've heard so many people use "step changes" and they can't articulate what it means. Usually they are just regurgitating what they see from marketing or "influencers".
“So just to make it really clear: If you found a bug using AI tools, the chances are somebody else found it too. If you actually want to add value, read the documentation, create a patch too, and add some real value on *top* of what the AI did. Don't be the drive-by ‘send a random report with no real understanding’ kind of person. OK?” Agreed you should add some real value. Submit a patch and tests, otherwise it's just a report that wastes time.
Linus Torvalds says AI-powered bug hunters have made Linux security mailing list ‘almost entirely unmanageable’ theregister.com/security/2026/…
Boom! @chompie1337 wastes no time kicking off #Pwn2Own Berlin in style. She requires just a few seconds to get code execution on the NV Container Toolkit. She heads off to the disclosure room to provide all the details.
I agree bugs are being found faster and there are bottlenecks for those who are maintainers and security teams. I wrote about it blog.stellersjay.pub/from-finding-t…
We were one of four initial grant recipients in @OpenAI's Trusted Access for Cyber program. Daybreak matters because frontier models now find bugs faster than maintainers can triage them, and that gap is about to get worse.
@lyq_sqsp 🍎 BB still 🗑️ . But glad you got a mention
We got the email too. We had a working RCE on Oracle Autonomous AI Database ready to demonstrate live at #Pwn2Own Berlin next week. ZDI confirmed they're at maximum capacity and can't add extra contest days. AI is now generating offensive capability faster than the institutions built to process it can keep up. We'll be in Berlin May 14-16 regardless. The conversations there will be really interesting!
‼️🚨 Pwn2Own Berlin 2026 just hit a wall. For the first time in 19-years, ZDI rejected dozens of working zero-day RCE submissions because organizers ran out of contest slots. Rejected hackers are now going public with PoC demos and direct vendor disclosures, breaking Pwn2Own's
With the low barrier to entry for vulnerability research due to AI, that used to require advanced and niche skills, I'm seeing that exploit mitigation bypasses are still difficult for AI. Weaponizing vulnerabilities still requires advanced knowledge. Disclosure != Skill...
@Steph3nSims @offby1security Thanks for sharing. I'm interested in how others are applying it similarly. Especially how they would build it in product vs just in the infrastructure or edge side of things.
So what people going to do when all these hosted model providers start having "us-east-1" like outages during the work day? We going to revert to doing things like we used to pre AI? :D
@anton_chuvakin Two of those you can gamify and the other requires understanding of current time spent on triage and investigation. At least the latter should map back to value based add which might be more expensive. I'd probably go with other: number of workflows defined.
Ken Williams @jkwkc
1K Followers 2K Following Cybersecurity, law enforcement, physical security, Packet Storm Security founder. A sense of peace wasn't meant for some, my friend.
itewqq @lyq_sqsp
2K Followers 691 Following Security researcher @DarknavyOrg. CTF player @0ops_ctf. Somehow got a PhD on hardware stuff @SJTU1896. Opinions/Shitposts are my own.
Gadi Evron @gadievron
7K Followers 2K Following CEO & Founder, Knostic. CISO-in-Residence for AI, Cloud Security Alliance. Founder @Cymmetria (acquired). Scifi geek, dance teacher. Opinions my own.
Juliano Rizzo @julianor
9K Followers 2K Following Crypto. Security. BEAST/CRIME SSL/TLS, Padding Oracle Attacks. CEO & Founder @coinspect
gk98 @98erKAG
44 Followers 2K Following
#WeAlliPhoneFamily @iM4CH3T3
27K Followers 3K Following 📱All about #iOS📱#iPhone • #iPad • #AppleWatch • #Exploits • #Jailbreaks • #Tweaks •Root-user best-user!!!•few jailbroken devices #checkm8 #xboxseriesx #ps5
^.Machtmensch @_foobarr
25 Followers 2K Following
Sam Thomas @xorpse
678 Followers 633 Following Program analysis. Reverse engineering. Backdoor detection.
Sloaslis @sloaslis87987
49 Followers 280 Following
Keven Bond @doubleohkeven
12 Followers 438 Following
Donna @AvlDonnaaaw
355 Followers 3K Following It`s better to be king of your own world rather than being a peasant in somebody`s land.
Elchapo.js @bashysureboi
624 Followers 4K Following
Himanshu @0xhimanshu
322 Followers 7K Following
الاسم @alasm1199736
1 Followers 192 Following
Nithin 🦹♂️ @thebinarybot
19K Followers 588 Following Heckr | Former Community Manager @InfoSecComm | eJPT | Certified Red Team Professional (CRTP)
Harry Wetherald @HarryWetherald
274 Followers 829 Following Co-founder & CEO at https://t.co/rX9jM9QmKW. Writing at: https://t.co/KWsf93l2Ga.
AISecHub @AISecHub
9K Followers 8K Following 🚀 AISecHub | AI & Cybersecurity | Securing AI systems, and sharing insights on emerging challenges | https://t.co/YeYtqq5tJC
QBit @QBit__
2 Followers 33 Following
Karolann Braun @KarolannB96880
146 Followers 5K Following
Bobby Hill @g_bobbyhill
16 Followers 305 Following Reverse Engineering. Malware Analysis. Windows Internals. C++ Programming.
shadow @_N00B_saib0t
77 Followers 3K Following
Zachary Lester @LesterBigW
106 Followers 355 Following Tired of tweeting into the void? | I automate 1,000 DMs/day on X + Reddit | Try free: https://t.co/w9ewPZ9H9F | 10-20% response rates | Growth Engineer
Anderson Nascimento @andersonc0d3
4K Followers 6K Following Director & Security Researcher @alleleintel
Lupovis @LupovisDefence
550 Followers 1K Following Real-time Contextual Threat intelligence Through Deception.
Yossi Tamarov @yossitamarov
111 Followers 821 Following
MonicaMoore @3r9sRD2B9gg7oZ
21 Followers 798 Following
Llewellyn Effertz @LlewellynE71125
118 Followers 5K Following
Brandon Edwards @drraid
5K Followers 1K Following CTO @crashappsec. Past: Cofounder and Chief Scientist @capsule8, Hacker-in-Residence @NYUTandon, and other research, reverse-engineering, and exploit dev roles.
Ioannis Gardikiotis @giannisG__
5 Followers 951 Following CSE student , wannabe future security researcher , my interests are vulnerability research & exploit development (pwn, rev)
elr1boss @elr1boss
11 Followers 157 Following Penetration Tester, 🪲 Bug Bounty Hunter 💰, Security Researcher, Top #2 in Mexico in the @Hacker0x01 2025, NASA Hall Of Fame
Allele Security Intel... @alleleintel
1K Followers 2K Following Allele Security Intelligence is an independent company specializing in Information Security research.
Roland Hack @RolandHack6
977 Followers 3K Following 20yo😼|Junior Pentester|Bug Hunter|Discoverer of 2 CVEs
Nicolò Altamura @nicolodev
571 Followers 184 Following Reverse Engineer focused on decompilation, disassembly, and software internals.
Zhiyun Qian @pkqzy888
3K Followers 528 Following Professor @UCRiverside. Research on system and network security.
Attack and Defense @attackndefense
1K Followers 8 Following @[email protected] - Mozilla's Security Internals for Security Engineers, Security Researchers, and Bug Bounty Hunters.
Katie🌻Moussouris (... @k8em0
110K Followers 10K Following @LutaSecurity CEO @payequitynow MIT&Harvard visiting scholar, @MasonNatSec fellow, 1/2 Chamoru, hacker @k8em0.bsky.social Legacy blue check
Zhenpeng (Leo) Lin @Markak_
3K Followers 395 Following AI x Security @depthfirstlabs, Ph.D., CTF player @Nu1L_team, now @StrawHat_CTF. #Pwn2Own winner. Author of #DirtyCred #Badiouring
GitHub Security @GitHubSecurity
15K Followers 89 Following The @github Security team. 🚨 Report vulnerability: https://t.co/wTLhTm60PQ. Security Research: @GHSecurityLab. We're hiring!
ApplSec @ApplSec
1K Followers 3 Following Stay up-to-date with security fixes to Apple's ecosystem! 📲 💻 - Not affiliated with Apple Inc. 🍎 - @[email protected] 🐘 - @applsec.bsky.social 🦋
Aaron Grattafiori @dyn___
6K Followers 2K Following Offensive Security / AI Red Teaming @ NVIDIA. Ex-GenAI and OffSec Red Teaming Lead at Meta. Ex-Principal Consultant and Researcher @ NCC Group/iSEC Partners.
RyotaK @ryotkak
11K Followers 660 Following Security researcher? | Icon: @MelvilleTw | Private: @RyotaK_Private | Misskey: https://t.co/63E5Rpv2pk | Blog: https://t.co/c7NFQXhV90
stratan @5tratan
548 Followers 962 Following Product @TashitaSoftSec. Security research on the side.
_ZN4DionC1Ev @justdionysus
5K Followers 1K Following I write software and drive around Baltimore looking for stuff to do.
Ron Masas @RonMasas
2K Followers 253 Following trying to predict the next token to make you think i’m a security researcher.
Unprompted AU @UnpromptedAU
538 Followers 0 Following https://t.co/YGo0O2YvDi - Security conference with an AI focus based in Sydney, Australia. Sister conference to Unprompted.
ClaudeDevs @ClaudeDevs
526K Followers 2 Following Official updates for developers building with @ClaudeAI
That Privacy Guy @alexanderhanff
6K Followers 3K Following Globally respected Privacy expert and host of @ThatPrivacyShow - also, a reassuringly expensive consultant. @[email protected]
Tony Gorez @tonygo_
1K Followers 606 Following offensive security researcher | iOS - macOS | build Bare runtime at @holepunch_to
TechCrunch @TechCrunch
10.3M Followers 460 Following Technology news and analysis with a focus on founders and startup teams. Got a tip? https://t.co/J0WxnZxSRY
Chaofan Shou @Fried_rice
69K Followers 2K Following
eyitemi @eeyitemi
6K Followers 2K Following unemployed. cyberpunk polymath. doing extremely weird security. https://t.co/F4A5WdMKeY ex @paystack.
Mateusz Krzywicki @krzywix
2K Followers 831 Following 🐛 bugs and 🤯 exploits (Opinions are my own and not my employer)
ctfradiooo @ctfradiooo
1K Followers 2 Following Cybersecurity podcast hosted by @adamdoupe and @Zardus focused exclusively on Capture the Flag (CTF).
Adam Doupé @adamdoupe
6K Followers 1K Following Former DEF CON CTF organizer. Professor @ASU. Web, system, and network security. Loves CTFs. Hacks w/ @shellphish. Hosts @ctfradiooo. Open DMs.
Zuk @ihackbanme
17K Followers 1K Following Mobile & Security Research | Founder @ZecOps (Acq. by JAMF) 🐊 & @ZIMPERIUM (Acq.) | #FreeTheSandbox✌ | ❤️ Chess | My random thoughts, only some are accurate.
Huy Nguyen @Little_34306
25K Followers 328 Following Employee of @Calif_io, opinions are my own. Others platform: https://t.co/qY3jaBjkDn
Bruce Dang @brucedang
5K Followers 1K Following Sweeping the floor at https://t.co/CM8ErzxC5z (we are hiring). Previously at Microsoft/Veramine/Apple. author of Practical Reverse Engineering.
johnny @zeroxjf
4K Followers 176 Following iOS & MacOS Researcher (AI-Assisted) @trycua https://t.co/4vu4rvK5b5
littlelailo @littlelailo
7K Followers 217 Following interested in RE and pwning stuff | hacking *OS atm
Jamie Levy🦉 @gleeda
10K Followers 6K Following @Volatility Core Dev | Art of Memory Forensics co-author | Sr. Director of Adversary Tactics @HuntressLabs | #DFIR enthusiast/trainer | [email protected]
skull @brutecat
8K Followers 381 Following hacker, security researcher. 21. i run a blog @ https://t.co/cBW6gzTpV2
Georgi Gerganov @ggerganov
62K Followers 292 Following 24th at the Electrica puzzle challenge | building https://t.co/baTQS2bL7I | engineer @huggingface
Giuseppe Calì @_gcali
327 Followers 164 Following I like to take apart stuff to understand how it works. When I'm lucky, it even turns on afterwards. Pwn2Own Tokyo '26