Akul Gupta

@BVeiseh 🚀

Super excited to finally announce our raise! (We're hiring) We'll now be able to move much faster on these fronts: - increase our infra+capacity to serve a huge growth in demand - build out the team as we continue to develop new security agents for new verticals (cloud/network/remediations) - expand our applied research into offensive security LLMs Read more here on how we are thinking about the future of autonomous security agents and how MindFort is leading the push to a future where all companies are protected by teams of agents, inside and out. Huge thanks to @ycombinator @Soma_Capital and all our other early investors and angels for believing in us early. If you want to join us in building the future, send me a message, we are hiring across all roles in: Growth/Sales/Engineering/Research! mindfort.ai/blog/seed-anno… cc @AkulGupta30 @mindfort

@harpaljadeja @ycombinator @mindfort Hey! We verify domain ownership.

@ycombinator @mindfort how does it stop some random person to run a pentest on a website (that they are not permitted to) and then exploit the website?

Congrats to @mindfort on their $3M seed! They're building autonomous AI agents that find, validate, and patch vulnerabilities in production software. Their agents run pentests on every CI/CD push, chain vulnerabilities into working proofs of exploit, and ship fixes as pull requests. mindfort.ai/blog/seed-anno…

Excited to announce @mindfort's raise! This lets us accelerate our progress and grow the team as we work to build new agentic offensive security capabilities, expand attack surfaces, extend autonomous remediation, and scale our infrastructure to serve growth in demand. We're already protecting fast-growing startups and public enterprises in production, discovering and patching thousands of vulnerabilities, allowing teams to move faster with confidence. Check out how we envision the future of cybersecurity and how MindFort is leading to a future where all companies are protected continuously by agents. lnkd.in/euNd_r8N Huge thanks to @Soma_Capital , @ycombinator, and our incredible angel investors for backing us, we could not be more grateful for your support. Want to learn more, or help build the future of AI and cybersecurity, let’s talk. Exciting things to come! 🚀 #cybersecurity #AI

We're live on @ProductHunt today 🚀 launching the fastest way to deploy security agents. Give us an upvote and check out what we've built: producthunt.com/products/mindf…

@icanvardar Token maxing

nobody ships anymore, they just count tokens

@naruto11eth Security is going to be taken a lot more seriously as attacks continue to happen and companies realize it can't be an afterthought

sad state of the world rn with all the hacks. idk if hackers evolved their game with claude/gpt at this point, but a total of $700m+ have been stolen so far just in 2026. a small list: - Kelp DAO: $293M (largest of 2026, April 19) - Vercel breach (April 19): ShinyHunters selling data for $2M on BreachForums: source code, GitHub tokens, NPM tokens, API keys, 580 employee records, internal Linear + user management. crypto projects might be affected. - Drift Protocol (Solana): $285M (2nd largest Solana hack ever, DPRK linked, April 1) - Hyperbridge: $2.5M (revised from $237K, MMR proof bug, 1B fake DOT minted) - Grinex: $13.7M USDT - Flash loan BSC pool: $1.6M - CoW Swap: $1.2M (domain hijack, April 14) - Dango bridge: $410K (contract bug) - Silo Finance: $392K (oracle misconfig, April 3) - Resolv Labs $USR: $25M (AWS KMS, 80M infinite mint, contagion into Morpho / Euler / Fluid) - Sillytuna: $24M - some Kraken whale: $18M (social engineering) - Prisma Finance: $11M (borrowing bug, partial white hat return) - NFPrompt: $3M (compromised credentials) - YieldBlox (Stellar): $10M (oracle manipulation, $7.2M frozen) - IoTeX ioTube bridge: $8.8M (private key leak) - CrossCurve: $3M (contract bug) - FOOM Cash: $2.3M (crypto verification bug, $1.8m recovered) - Moonwell: $1.8M (malicious MIP-X43 proposal, Feb 15) - Trezor phishing victim (1 person): $284M - Step Finance (Solana): $30M - Truebit: $26.4M (integer overflow) - SwapNet: $13.3M (approval hygiene) - CrossCurve: $3M

LLMs are strange because it's like having a super smart employee who never stops working but at the same time is also a compulsive liar

@andrewchen Definitely and the multiplier is only going to increase

hot take :) The biggest and most productive people in the AI era are the folks who are already good at their jobs. AI as a multiplier, not an equalizer/democratizer

@zeeg @ivanburazin I misread. But that’s really interesting that the rest of the teams aren’t really seeing value yet (maybe?)

@AkulGupta30 @ivanburazin That’s eng cost. Sales and everyone else is like $20

The co-founder of a $3B+ application monitoring platform says they budgeted $15k/month for each developer's Claude Code usage, and it's still not enough. @zeeg revealed that they allocated more money for devtools this year than they ever have in the history of their company. His own spend is somewhere around $200-300 a day, and he's still nowhere close to generating the ROI to justify that kind of usage. But his broader point is that we're still very early. Using the technology, learning it, and understanding the negatives and positives is what's really important at this moment.

@hackSultan Bro this doesn’t work, wait till you get hundreds of false positives too. Try to separate real vulns from non real ones. Takes more time than using an actual tool.

@EricSimons I think people overstate devles role (not defending them). If YOU don’t take your security seriously, you’ll get breached. Same can be said for Vanta customers

2 major security breaches in the last 24h Both caused by companies whose SOC2 was approved by Delve In post-Mythos world, critically important to only buy from (and even sign up for free with) vendors that have trustworthy & stringent security

@itsdavidalonso “Security in depth”

This is GENIUS 1. Make your user data PUBLIC BY DESIGN 2. You are UNBREACHABLE

A design flaw in Anthropic’s MCP allows remote command execution on AI systems. 150M+ downloads affected as unsafe STDIO defaults exposing over 7,000 services, including tools like LangChain and Flowise. Anthropic calls this behavior “expected,” however it leaves the risk across the AI supply chain. For a company that supposedly has an amazing cyber security model, they should be hardening their own systems. 🔗 thehackernews.com/2026/04/anthro…

Vercel recently confirmed a security breach. A threat actor is claiming to sell customer data, source code, internal databases, and access keys. Who's behind it? Someone operating under the ShinyHunters name is listing alleged Vercel data on a cybercrime forum. Attribution hasn't been confirmed publicly, and not all claims have been independently verified. What should you do right now? 1. Rotate every Vercel environment variable containing secrets, especially anything not marked as sensitive. 2. Reissue any downstream credentials that lived in those env vars: database passwords, API keys, signing keys, GitHub tokens, CI/CD tokens, OAuth secrets, Stripe keys, etc. 3. Check your Vercel activity logs for unusual access or config changes. 4. Redeploy after rotating, Vercel's docs confirm that env var changes only take effect on new deployments. 5. Move production and preview secrets to sensitive environment variables, and enforce the team policy so new secrets default to sensitive. 6. If you're a Google Workspace admin, audit your OAuth and app authorization logs for the published client ID, check who granted access, what scopes were approved, and from which IPs. To help strengthen your security posture, @mindfort is offering a free turbo pentest to anyone who uses Vercel for a limited time. Incident: vercel.com/kb/bulletin/ve…