Autonomous Security From Design To Production
Joined April 2025
- Tweets 67
- Following 25
- Followers 510
- Likes 193
7 Photos and videos
depthfirst retweeted
Jun 9
Big fan of the work Calif is doing so happy to add some color here.
I like the idea behind ngxray, but it can also be misleading. It's a pure syntax matching which will never work well on semantically rich languages.
e.g. the following would be completely missed:
location / {
rewrite ^/(.*)$ /m/$1?x=1;
rewrite ^/no/(.*)$ /q/$1;
rewrite ^/m/(.*)$ /n/$1$host; # real sink: overflows, never evaluated
}
I'm happy to see healthy technical discussion, but I don't think the claim that "nginx-rift" affects only 1 public nginx config is accurate. In an enterprise environment, you never know how developers will write their configs. In private chats, we have been made aware of multiple enterprises having this issue.
By the way, we also have full-chain nginx 0-day with ASLR bypassed, but we won't publicly market it until it's fully fixed.
We'd love to be proven wrong here. As a red team, few things are more exciting than a reliable nginx RCE.
For some context: we discovered at least two nginx 0-days and successfully weaponized one into a full RCE, bypassing ASLR with no external dependencies.
We were thrilled, until we realized both bugs appear to require highly unusual nginx configs that we've yet to encounter in the wild.
That's why we built ngxray: github.com/califio/ngxray. After analyzing 35,000 nginx configurations from GitHub, we found exactly one instance vulnerable to nginx-rift, in an abandoned project. We found none vulnerable to nginx-poolslip.
Users should absolutely patch. But from a red team perspective, these exploits have been worthless. We've never encountered a target where they'd have been useful.
If anyone has evidence that these configs are common in real-world deployments, we'd like to see it.
Everybody wants their five minutes of Twitter fame. That's fine. But extraordinary claims still require extraordinary evidence.
2
6
53
7,485
Jun 8
We recently wrote about 21 FFmpeg zero-days we found earlier this year. Read the blog post about the findings and about how our security agent works in the comments.
🔥 AI just found 21 zero-days in FFmpeg.
That’s the video library bundled inside many apps, tools, containers, and devices. Some bugs sat untouched for 15–20 years.
Google Chrome also dropped PATCHES for a record 429 vulnerabilities this week.
Read: thehackernews.com/2026/06/ai…
2
2
17
2,227,473
depthfirst retweeted
Jun 4
We helped FFmpeg find and fix 21 security vulnerabilities.
In a 1.5M-line codebase, we spent just $1K in API costs. Some of these bugs had been hiding for decades.
We also developed a PoC demonstrating an RCE primitive when FFmpeg processes RTSP streams.
Full write-up: depthfirst.com/research/21-z…
5
67
373
338,281
depthfirst retweeted
Jun 4
@depthfirstlabs post trains their own and combines with frontier models gets context from your environment beyond the codebase.
1
2
16
325
depthfirst retweeted
Jun 1
AI agents are enabling every team to build useful software. This is incredibly exciting, but it also means the attack surface is changing. We recently learned that our adversaries are already using frontier models to create malware and exploit vulnerabilities.
To address this, today we’re launching the depthfirst Dependency Firewall to find and block malware in supply chain dependencies before they’re installed.
It uses the same engine that discovered NGINX Rift, now optimized to detect malware in open-source packages.
We want companies to move faster with AI, without compromising security.
Above all, @depthfirstlabs is a mission driven organization. This is another step towards achieving our mission of securing the world's software, an increasingly urgent need as artificial intelligence accelerates how software is built, deployed and attacked.
20
53
365
1,650,306
May 16
Thanks @Forbes for the coverage. We want to give all defenders access to frontier-level security, today.
We're offering $5m in credits to maintainers of critical OSS. Apply here: opendefense.dev/
This Startup’s AI Found Critical Vulnerabilities That Anthropic’s Mythos Missed forbes.com/sites/thomasbrews… (Photo: Depthfirst)
3
16
110,873
May 15
Impressive work by @hkashfi! It's great to see how fast the cyber community can work together
May 15
Still "Lab", but working fully remotely without any hardcoded offsets, bypassing ASLR on standard Ubuntu Nginx deployment via an LFI primitive. There's still lots of room for improvement but I'm already out of tea and who cares? Just patch.
1
1
5
16,932
depthfirst retweeted
May 15
.@depthfirstlabs found NGINX Rift. We're giving $5m in credits to critical OSS projects, apply below.
Regarding ASLR, please prioritize patching. ASLR makes the exploit harder, but still feasible.
🚨 UPDATE: 19 MILLION exposed NGINX instances hit by the 18-year-old NGINX RCE found by AI.
Top exposure by country:
- United States: 5,340,011
- China: 2,540,008
- Germany: 1,871,780
Note on ASLR as added security: not all of these instances will have ASLR disabled, but every one of them is running a version inside the vulnerable band.
The vulnerability is a heap buffer overflow. ASLR randomizes memory layout, which makes reliable RCE much harder because the attacker cannot predict where their payload or useful gadgets land. But the overflow itself still happens. The corrupted memory still causes the NGINX worker process to crash.
ASLR-enabled hosts are still trivially DoS-able. ASLR-disabled or non-PIE builds are RCE-able. Either way, patch ASAP!
3
5
36
200,842
depthfirst retweeted
May 14
Because regex-triggered vulnerabilities depend on the specific regex input, they are especially difficult for static analyzers (and humans) to find. This is impressive.
May 13
NGINX rift: We autonomously discovered this 18 yr old heap overflow (CVE-2026-42945) in @nginx impacting version 0.6.27 to 1.30.0. If you use rewrite and set directive, you maybe impacted! Please update your NGINX or change the config to mitigate it. Read more at depthfirst.com/nginx-rift
7
25
6,151
depthfirst retweeted
May 13
Using the same system, we found NGINX RCE, Linux LPE, Chrome RCE, FFmpeg RCE and a lot of other critical Vulnerabilities, feel free to try it out! We are trying our best to help secure OSS!
May 12
Today we're launching the Open Defense Initiative: up to $5 million in @depthfirstlabs credits for critical open source projects to find and fix real, exploitable vulnerabilities.
The timing matters: frontier models can autonomously discover and exploit vulnerabilities in widely-reviewed codebases. Open source models will catch up soon, and when they do, bad actors will have unfiltered access to these capabilities. We have a narrow window to harden critical software before that happens.
This is the time to act, but until today frontier-level security, like what Mythos offers, has been reserved for a handful of large companies who are required to pay a lot for access. depthfirst is not only comparable in performance but also goes significantly beyond surface level findings, highlighting real, exploitable vulnerabilities due to its understanding of the system’s context and ability to verify like an attacker would. depthfirst found vulnerabilities in FFmpeg that Mythos missed, at a tenth of Anthropic's self reported spend. We want every defender to have these capabilities, starting with the open source projects the world runs on.
If you maintain a critical open source project, apply for Open Defense credits through the form in the comments.
11
73
12,200
May 13
depthfirst autonomously discovered, verified, and generated a patch for NGINX rift, an 18 year old heap overflow (CVSS 9.2). It leads to an RCE and is affecting most of the global web traffic.
Follow the link in the comments to learn more.
May 13
NGINX rift: We autonomously discovered this 18 yr old heap overflow (CVE-2026-42945) in @nginx impacting version 0.6.27 to 1.30.0. If you use rewrite and set directive, you maybe impacted! Please update your NGINX or change the config to mitigate it. Read more at depthfirst.com/nginx-rift
2
2
8
3,176
depthfirst retweeted
Apr 10
Securing systems is a necessary step to enable more powerful AI models.
Security is a bottleneck. It shouldn't be.
Apr 10
Thank you @johncoogan and @jordihays at @tbpn for hosting our CEO and co-founder @quantumcastaway to talk about depthfirst and discuss the importance of cybersecurity in the age of AI.
3
12
1,294
Apr 10
Thank you @johncoogan and @jordihays at @tbpn for hosting our CEO and co-founder @quantumcastaway to talk about depthfirst and discuss the importance of cybersecurity in the age of AI.
1
1
7
1,599
depthfirst retweeted
Apr 7
This week @depthfirstlabs introduced dfs-mini1, a security model trained via Reinforcement Learning to detect vulnerabilities in smart contracts. The model achieves pareto optimality on OpenAI’s EVMBench Detect and SOTA at pass@8 beating frontier models at a fraction of the cost
7
13
43
7,697
depthfirst retweeted
Mar 31
We're backing @depthfirstlabs in their $80M series B, announced today.
depthfirst is building the essential layer for trust and safety in this technology shift, founded by a crew of former Faire, DeepMind, and Databricks leaders:
depthfirst.com/post/series-b…
1
2
9
1,271
90 days from Series A to $80M Series B 🔥Congrats to our friends at @depthfirstlabs
Mar 31
depthfirst has raised an $80M Series B at a $580M valuation.
Attackers are using AI to break into systems faster than ever before. depthfirst is on a mission to stop this.
RT Comment “depthfirst” and I’ll send you a FREE vibe coding security agent.
1
1
7
2,027
depthfirst retweeted
Mar 31
We're proud investors in @depthfirstlabs's series B!
From working with depthfirst's cofounder when he cofounded Faire, to getting to know the rest of the depthfirst team, I’ve built tremendous respect for how they're approaching the market.
Mar 31
depthfirst has raised an $80M Series B at a $580M valuation.
Attackers are using AI to break into systems faster than ever before. depthfirst is on a mission to stop this.
RT Comment “depthfirst” and I’ll send you a FREE vibe coding security agent.
3
2
29
5,586