Tabahi

273 posts

@_tabahi

high and hacking! writeups @witcoat !

Joined January 2017
151 Following 5.8K Followers
Pinned Tweet
Tabahi@_tabahi·
got 3 bugs rewarded on @Hacker0x01 ∑ $47500 We Out Here
Tabahi@_tabahi·
@al_f4lc0n @immunefi I don’t understand why all these protocols keep pulling these dumb tricks with white hats. Looks like they don’t want to be saved, they want to be ripped off.
f4lc0n@al_f4lc0n·
I Saved Injective's $500M. They Pay Me $50K.

I like hunting bugs on @immunefi. I'm decent at it.

- #1 — Attackathon | Stacks
- #2 — Attackathon | Stacks II
- #1 — Attackathon | XRPL Lending Protocol
- 1 Critical and 1 High from bug bounties (not counting this one)

Life was good.

Then I found a Critical vulnerability in @injective. This vulnerability allowed any user to directly drain any account on the chain. No special permissions needed. Over $500M in on-chain assets were at risk.

I reported it through Immunefi. The next day, a mainnet upgrade to fix the bug went to governance vote. The Injective team clearly understood the severity.

Then — silence. For 3 months. No follow up. No technical discussion. Nothing.

A few days ago, they notified me of their decision: $50K. The maximum payout for a Critical vulnerability in their bug bounty program is $500K.

I disputed it. Silence again. No explanation for the reduced payout. No explanation for the 3 month ghost. No conversation at all.

To be clear: the $50K has not been paid either.

I've seen others share bad experiences with bug bounty payouts recently. I never thought it would happen to me.

I can't force them to do the right thing. But I won't let this be forgotten. I will dedicate 10% of all my future bug bounty earnings to making sure this story stays visible — until Injective pays what I deserve.

Full Technical Report: github.com/injective-wall…
Tabahi@_tabahi·
@Apple in the center, LG ultra wide on the right, BenQ
Tabahi@_tabahi·
My @Apple MacBook is a Beast. What’s your configuration?
Tabahi@_tabahi·
I have 3 submissions on @Tripadvisor program on @Bugcrowd triaged since months. Raised multiple response to requests on them. I think they should have been paid out by now. It’s way beyond the report’s estimated date.
Tabahi@_tabahi·
@PulkitJangid18 @Tripadvisor @Bugcrowd I mostly get paid on triage, or some days after. All reports have an estimated date. Here, Months have passed by after the triage, no bounty yet. So much wait time degrades the motivation.
Tabahi@_tabahi·
@elonmusk Would it let me send my Humanoid to moon ?
Elon Musk@elonmusk·
SpaceX will build a system that allows anyone to travel to Moon. This will be so insanely cool 🚀💫🤩
Elon Musk@elonmusk·
𝕏 is the set of all things
Déborah@dvorahfr·
Life can be a field of roses or a field of thorns, but life is beautiful. Grok Imagine
Tabahi@_tabahi·
CVE 2025-55182 & CVE 2025-66478, Unauthenticated Remote code execution in react server components. An attacker could craft requests that trigger unintended server execution paths.

Applications using React Server Components with the App Router are affected when running:
• Next.js 15.x
• Next.js 16.x
• Next.js 14.3.0-canary.77 and later canary releases

React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 are affected.

Patch Immediately 🚨
Tabahi@_tabahi·
If this goes good and you can make mushrooms available for longevity and be able to ship it to India, I’m buying it
Bryan Johnson@bryan_johnson

I’m taking magic mushrooms and livestreaming it on sunday.
+ 6 hours Live
+ 10am PST, Sun 30th
+ 5.24 g mushrooms, dried
+ 28 mg of active psilocybin
+ Strain B+ (psilocybin cubensis)
+ 2nd dose (3 total across 3 months)

We’re measuring 249 biomarkers to determine the effect on longevity. This is the most quantified psychedelic experiment in history.

Guest appearances from:
+ @Grimezsz DJ'ing a Live set
+ @HamiltonMorris and @gjurvetson discuss psychedelics
+ @MrBeast @naval @Benioff @friedberg are being good friends and checking in on me during the experience

Moderated by: goth girl @_katetolo and OG @ashleevance

The science suggests psilocybin may be a longevity therapy:
+ Extended lifespan in mice
+ Preserved telomeres
+ Extended replicative lifespan in human cells
+ Reduced systemic inflammation markers
+ Promotes anti-inflammatory environment in the brain
+ Increases brain entropy
+ Breaks rigid brain patterns and increases creativity
+ Boosts long-term cognition and flexibility
+ Protects neurons and microglia
+ Reshapes gut microbiome for improved mental health
+ Improved sexual satisfaction in depressed people

We’re measuring:
+ 249 independent biomarkers
+ 29 vials of blood
+ brain scans
+ urine, stool, saliva, fertility
+ multi-omics profiling: DNA, epigenetics, metabolism, hormones, microbiome, proteins, cognition
+ biological age: epigenetic, telomeres, brain

Come watch me trip balls.

Tabahi@_tabahi·
Yo @NanoBanana, peep the scene in 2040 Delhi, feel me? Skies choked with flyin' autos, smog thicker than envy, Hover-rickshaws poppin' wheelies, traffic still movin' deadly, Chai bots slingin' masala lattes, drones droppin' butter chicken heavy, Billion dreams stacked in towers touchin' heaven, Ganges glowin' neon, not ready— 2040 Dilli still chaotic, still magic, still flexin' on the globe, deadly!
Snowdrop@Snowdropshadow

Hey @NanoBanana pro can you imagine Delhi,India in the year 2040
