Paul Seekamp

Big news! I started @CoastlineCyber, a boutique cyber security consulting firm dedicated to strengthening your organization's security posture. 💪

@HackingDave She doesn't know she's in a room with the guy that created the social engineering toolkit.

Taylor Swift said hello !

@xnl_h4ck3r Almost daily, I use it.

Does anyone still use GAP?! 👇

Anthropic, how many likes do I need to bring back the day-one public release of Claude 4.6? @AnthropicAI

@evilsocket I have noticed that I have to tell it to plan.

Opus 4.7 at max effort now bypasses/ignores plan mode and just changes things around without user interaction. Great.

@evilsocket I think i will. I just like claude channels so much. Dont want to give it up. But I might have to.

@nullenc0de considered switching to openai? their 20x plan seems pretty nice and 5.5 seems much smarter

dude i'm fixing really stupid mistakes that opus 4.7 started making at max effort, with sonnet 4.5 ... wtaf is anthropic doing to this model

@evilsocket Oh I totally agree. I have been using Sonnet now. I can't use Opus anymore. It's like I traveled back in time to a dumber, less usable model.

@nullenc0de The whole 4.7 series seems dumb to me since recently regardless of thinking effort

Lol, spent 4 weeks deciding to migrate my Critical to a medium risk because the PII wasnt "sensitive enough". But they patched the vuln in less than 1 hour... Money must be tight. The $50k bounty was too much to pay. I understand 👍 Shareholders don't want to see that stuff.

@thedawgyg They patched like 30 critical findings last week and judging by the amount of reports I have sitting in triage for a month they probably have so many.

Even Google is reducing bounty amounts.... "We will be reducing some of our reward amounts and bonuses across Android and Chrome. While these adjustments may reduce the payout for a single bug report, we continue to prioritize our VRPs and the total aggregate rewards paid out in 2026 is expected to increase." Yet when I was trying to tell people this would happen a few months ago, people said i was an idiot... lol... If even Google is reducing bounties do you really think these significantly smaller companies arent going to do the same thing?

@__sethJenkins it wont let me DM you.

@nullenc0de Can you DM me both Buganizer numbers? And maybe a description? I'll take a look.

I'm gonna rant for a second: I found a Zero-Click RCE in the latest Samsung phones in February. Samsung says it's "Out of Scope" because "AOSP Source." So I go to Google, they say it’s High, not Critical, because "AOSP Baseline." My RCE still sitting in the wild, no patch😬

@ibay770 No, just rce in the context of the sandbox

@nullenc0de Can it be used to root the phone?

@te3co I have a second one but its the same fix. So im waiting until I see how they fix it and then if they dont fix it the way i think they will. I'll just drop it here 🤣

@nullenc0de On 2 the next 1 😆

@Dave_Maynor And certainly going to be interesting soon. It's already getting interesting.

@nullenc0de Yeah. Because one thing audits like these show me is that while traditionally understood bug classes are easy, I keep finding new bug classes.

@roddux LOL well I was already in the queue to get patched. I just have no idea when...

@nullenc0de How much? ;)

@jeremie_strand I'm not sure how full-time bug bounty hunters are doing it.

@nullenc0de This is the broken incentive structure of shared codebases. Samsung points to AOSP, Google downgrades severity, and a zero-click RCE just sits there. No wonder researchers burn out on coordinated disclosure.

@imftxyz Lol well. They are already in the queue to get patched it just might take 6 months...

@nullenc0de May be sell it on zerodium 😂

@D0rkerDevil You sitting on them? Seems like it's better to at least right now.

@nullenc0de i have couple myself zero click rce on samsung phones :)

@Dave_Maynor I get it. The triagers are overwhelmed. But, also they are gonna have to figure it out.

@nullenc0de Same kinda story you reported on Samsung.

@Dave_Maynor You have been busy!!

@nullenc0de github.com/dmaynor/apple-…