$2M in bug bounty. Cyber Security researcher. Product developer who likes Building in Public. Creator of crxplorer.com

Joined July 2017
Pinned Tweet
Last month was my highest in bug bounty so far with almost $131k in bounty.
Total paid reports: 18
Average reward: $7.3k
Category: most were logical findings via reversing mobile applications and discovering internal endpoints leading to code execution and missing auth etc
Anthropic's own hype about Mythos being 'Cyber Ghost' is backfiring hard.
I really feel for my triage friends out there <3
Just invited to present at a Vegas event this summer, I hope my US visa gets approved.
Fable 5 is meaningless for now for any cyber security tasks
AI will kill bug bounties NOT because it’s better than human hunters. It’ll kill them because platforms are failing at handling triage queues and unable to distinguish legit bugs from AI Slops.
Only winner here is Anthropic
May 23
oh god... Triagers I feel your pain.
Jenish Sojitra retweeted
May 21
Hey @Hacker0x01 , Huge shoutout to triager "h1_analyst_malenia" 🌟 I’m seriously impressed by the level of professionalism, technical expertise and empathy they’ve shown over the past few months. Thank you!
Seeing Claude Usage Policy banner despite being a part of Claude Cyber Verification Program, anyone else seeing this?
Arrived in Beautiful City of Lisbon for @Hacker0x01 LHE #h1-21 🇵🇹
One way to deal with AI spam reports would be to make the program private with limited researchers and keep VDP only public. I know a couple of program managers are already considering this
Need to say this now: Submitting vulnerabilities to companies without established bug bounty programs should be normalized and should not be prosecuted
Jenish Sojitra retweeted
Replying to @SkodaIndia
@SkodaIndia Hi, I still haven’t received any solution for my car. It has been around 44 days now and my car is still with Raja Skoda, Bengaluru. Mr. Naveen is also making incorrect allegations without any evidence. Phone no - 09996688864 Car no - up 15 bx 4050
Jenish Sojitra retweeted
AMD Senior AI Director confirms Claude has been nerfed. She analyzed Claude's session logs from January to March:
> median thinking dropped from ~2,200 to ~600 chars
> API requests went up 80x from Feb to Mar. less thinking and failed attempts meaning more retries, burning more tokens, and spending more on tokens
> reads-per-edit dropped from 6.6x → 2.0x. model stops researching code before touching it.
> model tried to bail out or ask "should i continue" 173 times in 17 days (0 times before March 8).
> self-contradiction in reasoning ("oh wait, actually...") tripled.
> conventions like CLAUDE.md get ignored because there's less thinking budget to cross-check edits
> 5pm and 7pm PST are the worst hours, late night is significantly better. this means the thinking allocation is most likely GPU-load-sensitive.
Opus 4.6 has become so dumb and lazy that I can’t fathom 😤
Google Gemini API @GeminiApp is very unreliable for product building. It's always down with 503. Google doesn't care to update the status page
I wonder how such an intelligent model like Mythos and similar will affect companies like Xbow and other agentic pentesting companies, in a positive or negative way.
Jenish Sojitra retweeted
Replying to @_jensec
Hey jensec - Thank you for your report. Everything you sent is already known to us, everything you might have in your drafts has also been discovered internally and everything you are thinking of testing for that might be vulnerable - we have found that too. Kind regards, Mythos
It's so over?
Introducing Project Glasswing: an urgent initiative to help secure the world’s most critical software. It’s powered by our newest frontier model, Claude Mythos Preview, which can find software vulnerabilities better than all but the most skilled humans. anthropic.com/glasswing