stuxf

We spun out of the #1 hacking team in the US and built AI that finds what even the best hackers miss. During one engagement, it found 6 different ways to take over any user's account on a popular webapp. Completely autonomously. Then suggested fixes for every single one. Today we're announcing @verialabs' $3.2M seed, backed by @ycombinator, @gokulr, @paulg, and @woloski (co-founder of Auth0), and many other great investors. DM me if you want to know what we'd find in your app.

@IntCyberDigest Of course it’s also probable that a lot of these are real, but I’ve seen some of these supposed disclosures that definitely are not.

@IntCyberDigest A lot of these “rejected zero-day RCE submissions” are just the result of AI Psychosis and aren’t real vulnerabilities. Happy to DM for more details, don’t want to publicly put any of these groups on blast.

‼️🚨 Pwn2Own Berlin 2026 just hit a wall. For the first time in 19-years, ZDI rejected dozens of working zero-day RCE submissions because organizers ran out of contest slots. Rejected hackers are now going public with PoC demos and direct vendor disclosures, breaking Pwn2Own's usual secrecy. ▪️ AI surfaces a massive wave of 0-day RCEs. ▪️ Submissions overwhelm ZDI past max capacity. ▪️ Slots run out. Researchers with working chains get rejected. ▪️ "Revenge disclosures" begin. ← we are here. Confirmed casualties so far: ▪️ @xchglabs : 86 vulnerabilities prepared (PyTorch, NVIDIA, Linux KVM, Oracle, Docker, Ollama, Chroma, LiteLLM, llama.cpp). All rejected. Now reporting directly to vendors with writeups dropping as patches land. ▪️ @ggwhyp : full-chain Firefox RCE on Windows. Rejected. Publicly demoed (HTML page → cmd.exe → calc.exe). Responsibly disclosed to Mozilla. ▪️ @yunsu_dev : working RCE chain, rejected. Submitting elsewhere. ▪️ @ryotkak : tried to register for 3+ weeks. ZDI confirmed "at maximum capacity, can't add extra contest days." Considered canceling flight and hotel. ▪️ @anzuukino2802 : Claude Code RCE PoC. Rejected. ▪️ @desckimh : 0-day RCEs in Ollama and LM Studio. Rejected. Reported impact: a community-estimated 150+ researchers tried to register. Accepted contestants are now being warned about collisions. Rejected vulnerabilities going to bug bounty programs may trigger pre-event patches that invalidate the work of those who got in. ZDI has not publicly addressed the capacity issue. The event still runs May 14-16 in Berlin.

how is this happening again

🏆#EPFL #LakeCTF 2026 — it's a wrap! 🚀 Another year, another amazing battle of brains of creativity!🧠💻 Congratulations to this year's winning team pls carry :3! And thank you to every participant for making this edition such a success.👏 🥇 pls carry :3 🥈 .;.;. 🥉 FluxFingers

I just found a confirmed bug on @immunefi #immunefitribe immunefi.com/s/ss/?severity…

Part 2 of @verialabs Securing Open Source series: We found 2 bugs that could be chained together in Kraken Wallet: Chaining both, a malicious dApp could impersonate a trusted one and disguise transactions as messages, silently draining user funds. Blog: verialabs.com/blog/securing-…

We wrote up everything we do to secure our open source projects at Astral

@GrahamHelton3 I wonder what needs to happen in order to make a shorter disclosure policy the norm

A recent conclusion I've come to: 90 day disclosure is too long. Shipping massive updates weekly is the norm. 3 months only seems short because the first 2.5 months are spent sitting in a queue. Same (lack of) response across 3 platforms.

@sohan_zhang @verialabs thanks for the kind words! love what you’re doing @catchback_cards and super happy to work with you on keeping your users secure :)

recently onboarded to @verialabs (F25) to help with our security Highly recommend working with them! Super professional, clean UI, and well worth the investment The product lives within our CI/CD, and it's a super easy github integration 🥂

Starting a series where we write up interesting vulns our agent at @verialabs finds: First up, 1-click RCE in Goose, Block's coding agent with 33k+ stars: verialabs.com/blog/securing-… Goose was vulnerable to CSWSH, allowing an attacker-controlled website to run arbitrary commands.

@santokri1 @aszx87410 @verialabs I you use platform.claude.com/docs/en/agent-… you can route things through your claude.ai subscription. The repo is open source, so yeah absolutely, it should work and you can test.

@stuxfdev @aszx87410 @verialabs I would like to know using the Claude Agent SDK, how you can route through your CC Pro/MAx plan ? I can also test with the repo you shared ? Thanks !

We at @verialabs built an autonomous CTF agent in a weekend and won 1st place at @BSidesSF 2026, solving all 52/52 challenges. It races multiple AI models (Claude, GPT-5.4) in parallel, each in isolated Docker sandboxes with full CTF tooling. A coordinator LLM reads solver traces and sends targeted guidance to stuck agents. As AI gets better at finding and exploiting vulnerabilities, we think it's important to understand exactly how good it is and where it fails. github.com/verialabs/ctf-…

@l33tdawg @verialabs @BSidesSF It’s open source! You can run it yourself, curious to see the results, there’s definitely improvements to be made ;)

@stuxfdev @verialabs @BSidesSF Nice one! Point it at this bro levelupctf.com - there's an ai leaderboard ; would be cool to see how it stacks up

@EvanKlein338226 @verialabs @BSidesSF Mostly ended up using GPT because I didn’t want to use too much of my Claude usage 😅, so I had it disabled for most of the CTF. Just first solve, IIRC each subagent can submit to a rate limited queue that just automatically tests submission against ctfd

The parallel racing approach is clever - did you find Claude vs GPT-5.4 had different strengths? I'd imagine Claude handles web challenges better while GPT-5.4 might edge out on binary/crypto with reasoning. Also curious about the coordinator's decision heuristics. Does it just take first solve or does it validate outputs before accepting?

@aszx87410 @verialabs you can (unofficially) run this for free, so long as you have an existing CC/Codex subscription. I'm using the Claude Agent SDK, which allows you to route through your CC plan, though this is unsupported. I also route the OpenAI models through codex app server's JSON RPC.

@stuxfdev @verialabs I’m curious how much this cost

@pflanigan @verialabs @BSidesSF Thank you!

@stuxfdev @verialabs @BSidesSF Incredible and congratulations

@hahnbeelee good memo

nick is pushing me to share more of my writing publicly. dipping my toes into it by leaking my own internal memo

We just qualified 2 teams for DiceCTF Finals, with one of our teams getting 2nd place overall! Congrats @BunkyoWesterns on winning and we'll see everyone in NYC! insert line about llms ruining ctfs here