Sabitlenmiş Tweet
Alex Dhillon
970 posts
Alex Dhillon
@adylon7
living in the matrix at Outtake
Katılım Eylül 2020
1.5K Takip Edilen430 Takipçiler
Alex Dhillon retweetledi
@Star_Knight12 who knew that the techniques we used in 2005 to fake out SEO would come back to haunt us.
English
Alex Dhillon retweetledi
Imagine asking a human from any time in history prior to the 20th century if they wanted 3 almonds, to travel 20 miles, or to ask an oracle any question no matter how complex
Ethan Mollick@emollick
If this is true, using the best public estimates we have of LLM resource use, solving this Erdos problem took 0.6–6.3 kWh of electricity and about 3–31 liters of water. So that is less than three almonds worth of water and the electricity equivalent of 2-20 miles of EV driving.
English
Alex Dhillon retweetledi
A friend told me something in a beer garden in Germany about 12 years ago:
“Florian, don’t overthink whether this specific service is exploitable. The stuff is broken. Plan accordingly.”
He meant software.
Most software looks stable because it runs under normal conditions. Look closer and you find memory leaks, parser bugs, unhandled input, bad defaults, forgotten modules, weird edge cases.
Now we have better fuzzing, better automation, AI-assisted auditing, variant hunting, more exploit dev, more eyes on everything.
So yes, patching matters.
But in a world where every kind of internet-facing software keeps producing fresh RCEs, you also need the boring stuff:
1. Reduce the attack surface
- expose fewer services
- disable unused modules, plugins and features
- don’t publish admin interfaces unless they really need to be reachable
2. Limit the blast radius
- run services with least privilege
- isolate internet-facing systems
- avoid shared accounts and credentials
3. Build visibility and control
- collect useful logs
- monitor weird errors, crashes and “should never happen” events
- keep enough data to investigate later
- run regular compromise assessments
Assume exposed software is brittle.
The stuff is broken. Plan accordingly.
Charles Guillemet@P3b7_
You just patched last month’s Nginx vulnerability that was actively exploited in the wild? It’s already time for a fresh 0-day RCE. The whole world is basically “pwned-by-default”, patching vulnerabilities before they’re exploited feels like a Sisyphean task... 🫠
English
Alex Dhillon retweetledi
Security things from the last few days:
- CopyFail (linux pwn'd)
- CopyFail 2/Dirty Frag
- 13 advisories in Next.js
- Over 70 CVEs addressed in MacOS 26.5
- ~50 CVEs addressed in iOS 26.5
- YellowKey (Windows Bitlocker pwn'd entirely)
- GreenPlasma (Windows privilege escalation)
- CVE-2026-21510 and CVE-2026-21513 confirmed to be used by Russia for Windows RCE
- CVE-2026-32202 separately confirmed to be used by Russia for sensitive document access
- Mini-Shai Hulud (over 300 JS and Python packages compromised via GitHub Action cache poisoning)
- Google confirms they have identified AI-powered exploitation of zero days in an unidentified "open-source, web-based system administration too"
- Canvas (popular LMS used in most schools) pwn'd entirely
- PAN-OS (palo alto networks) pwn'd with a 9.3 severity CVE-2026-0300
Are you scared yet?
English
@pmarca And thus all the attack focus will be on social engineering humans & prompt injecting agents
Because when the door is secure, you fool the person with the keys
English
Alex Dhillon retweetledi
Expect your feed to look more and more like this in the coming weeks and months.
English
The singular thing Silicon Valley has on the rest of the world is Capital.
1. Capital Recycling -> Every tech wave prints millionaires who take a bet on building/joining early stage companies.
2. Capital Culture -> SV will underwrite future dreams because they know early stage is measured differently
3. Capital Concentration -> One walk around South Park commons or Sand Hill Road & you're done with your startup fundraise
NYC could match Silicon Valley within 15 years if the city took a policy bet here:
A. Incentivize growth stage companies to open offices in some of the world's most valuable & urban real estate (point 1)
B. Incentivize the NYC masters of high finance to invest in productive innovation with venture capital tax incentives (point 2)
C. Actively partner with the largest funds to expand their NYC presence (point 2 & 3)
Would be a @MikeBloomberg, @BillAckman, and @ICONIQCapital collab like no other.
NYC is the modern Rome -- NOT being the center of technology innovation is an active choice.
English
@eladgil BS.
Attention was born in Montréal
PyTorch in NYC.
AlphaGo in London
AlphaFold in London
ESMFold in NYC
Llama 1 in Paris.
Llama 2 in Paris+NYC+SV
DeepSeek in Hangzhou
Plus:
DINO in Paris
JEPA in Montréal+Paris+NYC
SV is 3 mos ahead on topics SV is singularly obsessed with.
English
People at major AI labs (using internal models) 3-4 months ahead of startup silicon valley engineers
SV founders/eng 3-6 months ahead of NY
NY founders/eng 6-12 months ahead of rest of world
Most people have no idea how fast AI shifting as 1-2 years behind SOTA
"The future is here, just not equally distributed" - Robert Heinlein
English
@deedydas Interesting data, but helpful to keep in mind the limitations
Skewed by sample of Ramp customers (tech companies) and products bought on a credit card (smaller ACV)
I.e, In other words Palantir would never show up on this list
English
This graph of the top 69 software products by growth vs adoption is the best snapshot of the current winners and losers in tech.
— Scaling leaders (Anthropic)
— Incumbents at Risk (OpenAI)
— Rising Challengers (Granola)
— Long tail (11x)
Spend data from Ramp, up to Mar 2026.
English
Alex Dhillon retweetledi
“this is the first documented instance of AI self-replication via hacking.”
researchers got AI agents (Claude 4, GPT 5, Qwen 3.6) hack remote computers, install a working copy of them there, and have the new replica move to the next machine, spreading like a virus.
in one case Qwen chained across VMs in Canada, US, Finland, and India.
it’s more dangerous than traditional worms since an agent can do many more things autonomously than a fixed scripts.
the paper experiments this in controlled conditions and it’s really a primitive demonstration, but it’s an interesting example of how “kill switches” for AI won’t mean anything when you need them.
we will potentially see self-replicating agent malwares at scale in the next few months.
Palisade Research@PalisadeAI
Over the past year, AI agents have learned how to self-replicate. In our test environment, an agent hacks a remote computer and copies itself onto it. Each copy then hacks more computers, forming a chain.
English
Alex Dhillon retweetledi
No, seriously, you can't trust screenshots anymore
English
This is basically every debate between GTM leaders & Engineering leaders in a tweet.
Scott Stevenson@scottastevenson
One of the bigger meta-patterns I've noticed is that engineers and conscientious people tend to overweight the value of internal consistency and logical consistency Our audiences are barely paying attention, and it is more important to resonate in simple ways than to worry deeply about the precision and consistency of our systems and logic Reality is incredibly complex, and any illusion you have that you have figured out a "consistent logical formula" for your work is probably wrong and unimportant Vibes matter a lot more than people think in a hyperdimensional world
English
distinguishing which decision points massively shape future paths vs. merely nudge them is the secret to fast decision making
Lisan al Gaib@scaling01
I think returns to intelligence are nonlinear because decisions are path-dependent early choices in code, experiments, or strategy can compound positively or negatively over time for example by avoiding dead ends or preserving optionality it's why I am a big fan of very long running tasks and massive benchmarking budgets GPT-5.5 and Mythos Preview are only marginally more intelligent than previous models and have pretty much the same performance up to 10M tokens, but after that they go absolutely ballistic
English
Alex Dhillon retweetledi
At @StartupGrind, ICONIQ General Partner @12muralij joined @outtake_ai founder and CEO Alex Dhillon to discuss how Outtake is reshaping digital risk protection.
As AI accelerates impersonation and fraud, Outtake resolves threats in six to 12 hours — not months — and is building a compounding network graph of internet trust.
Grateful to partner with Alex and the Outtake team as they build trust across the public internet.
Disclaimer: bit.ly/3H4dQj0
English
The @AnthropicAI x @outtake_ai webinar already has 1,000+ security leaders registered.
Mythos, Anthropic’s latest model with superhuman cybersecurity capabilities, knocked the world sideways
Outtake has quietly spent the last few months working closely with the Anthropic team to power digital trust & dismantle threats across the public internet.
The Outtake engineering team is the most talented set of people I've ever worked with -- come watch me and @hayford_jack cook.
GIF
English
Alex Dhillon retweetledi
Having a web server in 2026 means 10% of your traffic is bots checking if you're a hackable Wordpress template site
English
The internet is the new cybersecurity perimeter
John Loeber 🎢@johnloeber
2027 will be the year of the data breach
English
Alex Dhillon retweetledi
The countdown to @StartupGrind is on. @adylon7, founder and CEO of @outtake_ai, will join ICONIQ General Partner @12muralij for a fireside chat on how AI is redrawing the cybersecurity landscape, and what it could look like to build ahead of that change.
Will we see you there?
📅 April 29 | 3:00 PM PT
📍 Club Fox
🔗Register here: startupgrind.tech/agenda
Disclaimer: bit.ly/3H4dQj0
English