Gynvael Coldwind

6.9K posts

Gynvael Coldwind banner
Gynvael Coldwind

Gynvael Coldwind

@gynvael

security researcher/programmer/director @ HexArcana Cybersecurity GmbH ⁂ @pagedout_zine ⁂ @DragonSectorCTF ⁂ https://t.co/ShG2c5As1K ⁂ ex-Google ⁂ he/him

Zürich, Switzerland Katılım Temmuz 2009
1.3K Takip Edilen39.1K Takipçiler
Sabitlenmiş Tweet
Gynvael Coldwind
Gynvael Coldwind@gynvael·
Super happy to announce we've listed the first workshop done by external experts at my educational site! hackarcana.com/workshop-list If you need to secure Kubernetes or want to learn how to assess its security - hands on! - you got to check this out.
English
0
4
10
2.2K
nedwill
nedwill@NedWilliamson·
@gynvael @CERT_Polska ♥️ was thinking of you too! How good is it? I studied some Polish cybersecurity and manufacturing content to try to get the diction right.
English
0
0
0
285
nedwill
nedwill@NedWilliamson·
Kawał dobrej roboty @CERT_Polska nad fuzzlabem. Piękne nazewnictwo 倉/切/型 — magazyn, ostrze, forma. 型 to wzorzec doskonalenia na każdej stacji, w przepływie pracy między rzemieślnikami. Pipeline = ogromny ROI w bezpieczeństwie AI. Pozdro Dragon Sector i Mateusz!
CERT Polska@CERT_Polska_en

Fuzzing has long been one of the most effective methods for finding vulnerabilities. But what happens when an LLM takes the wheel? Our latest research explores autonomous, AI-driven fuzzing and what it means for the future of security testing. 👇 cert.pl/en/posts/2026/…

Polski
1
4
19
7.6K
Gynvael Coldwind
Gynvael Coldwind@gynvael·
Hot take: The only difference between giving malware and AI a free reign over your computer is that AI has a random number generator attached to the malicious part.
English
3
7
49
3.2K
Gynvael Coldwind
Gynvael Coldwind@gynvael·
@halvarflake TBH I think my NIH syndrome keeps this in check a bit. But I can see that if I'd stopped manually coding my skill would deteriorate quickly - kinda scarry.
English
0
0
1
182
Gynvael Coldwind
Gynvael Coldwind@gynvael·
@halvarflake I alternate between being a manager of artificial junior engineers (vibe coding by writing basically detailed design docs) and actually craft coding (I like this term). Ideally not on the same projects - taking over an AI created codebase is a major reverse engineering effort.
English
1
0
8
711
Halvar Flake
Halvar Flake@halvarflake·
Ok, confession time: I use agentic coding *all the time* and *every day*. And have been doing so for many months. I am *terrified* of skill deterioration on my side. I see the studies, I can feel it myself. The agents make me much more productive, but I feel I need to force...
English
108
59
1.4K
163.5K
Gynvael Coldwind retweetledi
confidenceconf
confidenceconf@CONFidenceConf·
To jest jedna z tych prezentacji, przy których trudno napisać spokojny opis. [CVE-2026-9058] Pełne ominięcie uwierzytelniania w ZUS, e-Sądzie, Usługach Elektronicznych Ochrony Zdrowia i kilku innych systemach administracji publicznej Brzmi poważnie? Bo jest poważnie. Do zo!
confidenceconf tweet media
Polski
0
2
5
1.3K
Gynvael Coldwind retweetledi
hackArcana
hackArcana@hackArcana·
Most Kubernetes security courses teach theory. This one is hands-on from day one: labs, real attack paths, RBAC abuse, runtime security, networking & container internals. Led live by experienced & certified security engineers 🔐 Use code K8S-HAX-10 for 10% off.
hackArcana tweet media
English
1
2
4
1.2K
Gynvael Coldwind
Gynvael Coldwind@gynvael·
I haven't uploaded stuff to my YT for sometime, but I've recorded a couple of videos yesterday. Here's the first one, which is on how to start with the time-limited K8s CTF challenges we have on hA: youtube.com/watch?v=XFncTj… (second one will be about a different CTF task form BQ)
YouTube video
YouTube
English
0
9
22
5.2K
Gynvael Coldwind
Gynvael Coldwind@gynvael·
Craft code! I like this!
Adam Sawicki@Reg__

Attending #digitaldragons2026 conference. It's always inspiring, with interesting and funny discussions and thoughts. For example, on the pre-party we concluded that soon we should start calling "craft code" (like we have craft beer) a code written by human developers not AI 😀

English
0
0
10
2.4K
Gynvael Coldwind retweetledi
hackArcana
hackArcana@hackArcana·
Challenge down. Want to go deeper? Jump into a lab-based 6-week live security workshop covering build, deploy, runtime, RBAC, networking, and low-level container internals. Use code K8S-HAX-10 for 10% off.
hackArcana tweet media
English
1
2
1
1.4K
Paweł Kraszewski
Paweł Kraszewski@pkraszewski·
@gynvael - cert.pl/posts/2026/05/… jest świetnym przykładem do Twojego szkolenia z plików binarnych, działu o formacie ZIP. Przykłady plików o zawartości zależnej od tego, jak program szuka katalogu centralnego.
Polski
1
0
1
36
Gynvael Coldwind
Gynvael Coldwind@gynvael·
(6/6) My point being - there are two sides to this coin.
English
0
0
1
741
Gynvael Coldwind
Gynvael Coldwind@gynvael·
(5/n) "and discuss the actual observed effects of UBs, especially why a compiler does this, what are the real-world actual variants of generated code (if any) for a given UB for this and other compilers, how can this be abused and exploited, and so on. ...
English
1
0
0
767

Keşfet

@NedWilliamson @CERT_Polska @DamiDina @halvarflake @pkraszewski @elonmusk @BarackObama @taylorswift13