Nicolas Trippar @ntrippar
Security Researcher at @Xbow | Past: @TwoSigma, @Bloomberg, @zImperium | Joined January 2011
Tweets: 361 - Followers: 753 - Following: 2K - Likes: 1K
@moyix @fede_k @hackerfantastic @kallsyms Maybe we need a new competition pwn2old, the challenge is not vuln, it's the hardware 😂
@fede_k @moyix @hackerfantastic @kallsyms @moyix should go to ekoparty this year and try the exploits in real machines from the "museo de informatica"
A lot of people have been wondering about Mythos, Glasswing, and the vulns we / our partners are fixing. Today, I’m excited for us to start sharing more. (For context, I lead Glasswing @AnthropicAI.) Two independent evaluations this week—from XBOW and the UK AISI—confirm what we've been seeing internally: Claude Mythos Preview is a step change in autonomous cybersecurity capabilities. We need to start preparing fast for a world of models with this level of capabilities. The UK AI Security Institute tested the model we shipped at the launch of Project Glasswing and found Mythos Preview is the first model to solve both of their end-to-end cyber ranges, including one (Cooling Tower) which no model had ever cleared. But attackers (and defenders) have sophistication & cost constraints – Mythos is also the only model that clears every one of their tasks estimated over 8 hours under their deliberately low 2.5M-token cap. XBOW tested it on their offensive security benchmarks, finding "token-for-token, unprecedented precision." It's the only model to succeed at subtle V8 sandbox work. Other Glasswing partners shared similar stories. In a few weeks of testing, Mythos Preview has helped them find many thousands of (estimated) high + critical severity vulnerabilities, sometimes double what they'd normally find in a year. I don't share this to boost Mythos. In fact, this is not about Mythos. It’s about preparing for the coming world of models being better, faster, cheaper, and more creative than some of the best human experts at dual use capabilities. Clearly, we need them supporting defenders as widely as can be done safely – and especially the least resourced ones. Within a year, Mythos will probably look quite dumb (relative to other new models). And others may release openly available or unguardrailed models of Mythos-level capabilities. We started Project Glasswing because capabilities like Mythos Preview's won't stay rare, or stay in careful hands. 
We are bringing it to defenders as fast as we responsibly can, while working to figure out, for example, the right safeguards and patching & disclosure processes. Also, to be clear, compute has never been a limiter in our rollout. Expect a fuller update on our Glasswing work in the coming days. XBOW report: xbow.com/blog/mythos-of… UK AISI report: aisi.gov.uk/blog/how-fast-…
Our cyber range results illustrate this step-up. Since our first Mythos evaluation, we received access to a newer Mythos Preview checkpoint. On a 32-step corporate network attack we estimate takes a human expert ~20 hours, this checkpoint completes the full attack in 6 /10
In our first week we wrote about a RCE @Xbow found in Exim. What thought would be a deep technical write-up, became something more personal. 1/🧵
@PabloSabbatella @maxifirtman IMSI catcher. The same thing they use to find out who regularly attends protests, etc.
A new chapter for @Xbow. We're concluding our primary mission on Hacker1, so it will no longer be competing on the leaderboard. The platform was a critical step in our journey: an invaluable, large scale, live-fire range for developing and improving XBOW. xbow.com/blog/xbow-on-h…
If you have some time today, check out @moyix highlights or @pwntester full blog post on this amazing vulnerability and how it was exploited by XBOW. See you all in BH/Defcon next week!
YES! THIS one is my favorite :D Some details in thread below...
As a pentester, you sometimes spend hours reading obscure docs about a library you never heard of, chaining vulns, and praying your work turns into something useful. Xbow-dude did all that in 12 minutes. SSRF -> expression injection -> RCE xbow.com/blog/xbow-titi…
What if two AI models could collaborate without knowing it? Our Head of AI, Albert Ziegler developed "model alloys" - alternating between different LLMs in a single conversation. Sonnet handles some steps, Gemini others, but neither knows about the switch. Result: 55% solve rate vs 40% with single models. xbow.com/blog/alloy-age…
When standard SQL injection vectors fail, dig deeper. ⚡️New XBOW discovery: Z-Push vulnerability hidden in Basic Authentication username field. Response timing differences revealed PostgreSQL time-based injection where obvious targets were clean. Full analysis: xbow.com/blog/xbow-gaij…
One of the great privileges of @Xbow is having the opportunity to work with talented individuals like @djurado9 @niemand_sec @pwntester @ntrippar Lean and Javi! x.com/xbow/status/19…
For the first time in history, the #1 hacker in the US is an AI. (1/8)
Any billionaire can go to space. You want to show off your wealth and power? Play a sound on Linux.
@evilsocket @Exein_io Congrats! I expect to see a lot of Rust code from you
@evilsocket Finally you are learning Rust!
@qrs Used to live a block from there. New year in Amsterdam is crazy. Really miss that 🤣
@rochihc I say the same about the "eviction ban", this is the year when private property counts for nothing
@USPSHelp I have an issue with a letter, USPS seems to have delivered it to the wrong address due to the zip number that appears on the tracking, already sent a DM a few days ago.
@nicowaisman @AiluCastellucci In NY you can get everything, they even sell La Salteña empanada discs. You just need to go into the Latino neighborhood 😬