When the agents seem lazy and aren't able to find any bugs I punish them by forcing them to formally verify the code instead. All of a sudden they can find bugs! :p

Hosting the indie hacker's meetup #10 this evening with 10 other like-minded people where we showcase our apps, what marketing tactics we tried, what worked & what didn't. I didn't think this meetup will pick up eversince I started doing it in Jan this year. But here we are, close to hitting 10 gatherings and it's one of the most fulfilling and supportive community I've been a part of. Super grateful to all the people that showed up, presented their journeys, apps, and shared their learnings with us! ❤️ We also have a WhatsApp group that grew over time and we're now 54 members there where we share our wins, ask for feedback, and what news break. It's not much, but for a city like Timisoara, I think it's a great signal that entrepreneurship is starting to pick-up steam and it's super exciting to be part of this new wave. Here's to many more great meetups and let all your MRR go brrrrrr 🥂🚀

Anthropic Post-IPO

github.com/vtemian/zag - pane navigation using h/j/k/l - normal and insert mode - built-in LUA plugin for session management - switch between sessions - create/delete sessions

I'll never forget the indescribable joy of capturing my first flag and will cherish for life the brotherhood, the memories and adventures that CTFs gave me. Still surreal that after 8 consecutive years of playing DefCon CTF, I sat out this time. #PwnThyBytes #WreckItRalph @WreckTheLine #Zer0RocketWrecks

Had a blast at the recent events in Maribor and Timisoara. You can catch me next in Athens and Helsinki. Hmu if you wanna grab a drink and talk about cyber agents.

BREAKING: Victor Wembanyama has joined Anthropic.

Dialed in! Nikolaos Mourousias (@deltaclock), Caue Obici (@caueobici) & Bruno Halltari (@BrunoModificato) of OtterSec used a Code Injection bug to exploit LM Studio in the second round, earning $20,000 and 4 Master of Pwn points. Full win! #Pwn2Own #P2OBerlin

Happy to see the bugs that we reported finally patched! It's been a while...

🚨BREAKING: AISafe Labs discovered Remote Code Execution on @langfuse with a single OTel trace request. The flaw in the OpenTelemetry dotted-attribute expansion allowed unauthorized access to LLM traces belonging to other projects and system compromise via prototype pollution💣

8 minutes after submitting a P4

Read the full story of how AISafe found a Stored XSS in Immich, a self-hosted photo app with over 98k GitHub Stars ⭐️ aisafe.io/blog/cve-2026-3545…

I miss the old internet

Block out the noise. Go win.

Opus 4.7 got worse at "Cybersecurity vulnerability reproduction" as it became more a more well-rounded person. It just doesn't have that dog in it anymore.

Markdown is the new Python

So if you rage-bait hackers you will actually get hacked? Damn.

Delete your account, dissolve the protocol, fire everyone and go make puzzles or something