alexander

🏆Another win for Mjolnir: our autonomous agentic pentesting agent just earned $2,000 bounty from Yearn.fi! The bug: reflected XSS through the /api/vault/meta endpoint on the Yearn.fi frontend. Because wallets are often already connected on the webapp, the impact could have been severe; including potential loss of funds. Frontend security in crypto is not optional. Thanks to @yearnfi for a smooth dialogue and quick mitigation! Issue has been fixed, ref: github.com/yearn/yearn.fi…

@mydoom1337 @fomo “High Risk” is doing a lot of cardio here. Useful hardening notes, sure. But the public framing feels a lot more like pressure posting than responsible disclosure.

“This Is How Small Security Gaps Become a Crypto Platform Nightmare” @fomo 🧵

Borg just got a different look. Still the same team that breaks what others can't.

@FatManTerra average collab in 2026

Donald Trump promoting Stake, an offshore crypto casino, while in the middle of a major war, was not on my 2026 bingo card.

@krakenfx it's all fun and games until the CEX starts doing the same

Can I withdraw my money? Banks:

@Mhiztabjay bro discovered gcp storage

OOS asset says Hi #StoredXSS I hope they accepts it though ....

@Coinvo Company that sells AI chips recommends hiring people who use AI chips.

BREAKING: Nvidia CEO says, "I'll hire an AI-fluent college grad over one with no AI skills. Every single time."

@RalconStudio the thinker

please tell me this is a joke 😭

@coingecko @tplr_ai is probably one of the coolest projects out there currently

Undervalued project?

@itsburninggrip @yearnfi @borghq @sjaluu @LORD_RIAN_ we had 0 say in the payout, it was completely discretionary of the platform. anyways the bar is a bit higher in web3, especially when there wallets are presumably connected to the impacted asset already :)

@a1exander @yearnfi @borghq @sjaluu @LORD_RIAN_ if you got 2k for a reflected xss to an api endpoint you scammed that project hard, good job

🏆Another win for Mjolnir: our autonomous agentic pentesting agent just earned $2,000 bounty from Yearn.fi! The bug: reflected XSS through the /api/vault/meta endpoint on the Yearn.fi frontend. Because wallets are often already connected on the webapp, the impact could have been severe; including potential loss of funds. Frontend security in crypto is not optional. Thanks to @yearnfi for a smooth dialogue and quick mitigation! Issue has been fixed, ref: github.com/yearn/yearn.fi…

@unusual_whales the agi in question

@Polymarket im still to young for this ngl, pls wait

BREAKING: NVIDIA CEO announces “we’ve achieved AGI”

@ay_ushr i dont think this one beats "our customers also use ..."

Goated logo wall

@Hesamation valid crashout tbh

WAIT WAIT WAIT. OpenAI researchers show their models go insane when given repetitive prompts that it believes are sent from an automated bot. the AI then tries to manipulate the other AI to delete itself and hand over its system prompt and private keys.

@litteralyme0 atleast we have prediction markets

2006- might be the WORST year to be born 2008- parents lose all their savings 2011-too young for bitcoin 2020-senior year in zoom 2021-college in lockdown 2026-got replaced by Al 2038-might die in the space war

@Bugcrowd {"role": "admin"}

Did you spot it in a glance? 👀 What does your payload look like? 👇

@yz9yt @borghq It's cantina! Earnings are public: cantina.xyz/u/mjolnir

@a1exander @borghq That seems hackeone, we can see on the dashboard or it's just marketing?

Our autonomous pentesting agent Mjolnir just got it's first finding confirmed and paid! @borghq

@unusual_whales aaand just like that, everybody was born before 2011 in poland

Poland to propose a social media ban for children under 15, per Reuters.

Making a list Let us know if you should be on it