Industry Leading Web3 Security. Request a security review here ➡ cantina.xyz/solutions/spearb…

Joined October 2021
Spearbit retweeted
Cantina threat discovery: Apple's swift-crypto reads memory it shouldn't when a network peer sends a short post-quantum key. That's what we found in Apple's swift-crypto. The X-Wing HPKE decapsulation runs in Swift and forwards its input to a BoringSSL C function that expects exactly 1120 bytes. The Swift caller accepted any length. The check that should have lived in between didn't exist. Patched in 4.3.1. Full breakdown: cantina.review/cantina-e0436…
Five household-name eng orgs hit in three weeks by the same group. A worm built for npm ended up walking ~3,800 internal repos out of GitHub.
We’ve detected that @GitHub has been compromised by TeamPCP. A poisoned VS Code extension on an employee device. ~3,800 internal repos exfiltrated. Data already on a black forum for $50K. The technical vulnerability is two words: "runOn": "folderOpen" in a .vscode/tasks.json. Cursor plays with Workspace Trust OFF by default. Open the folder, the task fires. Same group hit @Tan_Stack, @OpenAI, @Microsoft, and Nx in the prior 3 weeks. Same blind spot in every IDE-scanning security stack. What a time for cybersecurity! Full breakdown: cantina.review/github
Spearbit retweeted
Pretty wild: Apple's May 2026 security advisory is the first in its history to include AI credit lines. 3 credits to Cantina (one bug had been in WebKit for 13 years). 2 to Anthropic's Claude. This is why we put together a joint guide with @swif_ai: the shape of a security advisory is changing, and we wanted to give teams a clear read on what matters most during this transition. Read on: cantina.review/apple-securit…
Spearbit retweeted
Scammers spin up brand impersonation accounts by the 1000s every day using typosquats, homoglyphs, fake avatars, and fake job listings. So we had to act. Introducing Klaxon: a free, self-hosted terminal tool that monitors your brand on social and pages your team the moment something is off. Try it for yourself: cantina.review/klaxon
Elite researchers, elite security: @rileyholterhus
$500,000 to @rileyholterhus through Cantina Bounties. 🪐 The researchers who consistently find the bugs that matter don't chase volume. They follow programs where scope is tight, triage is fast, and rewards match actual impact. Well done, Riley!
Spearbit retweeted
The local foothold can put an entire platform team on the clock. Dirty Frag affects RHEL 8, 9, and 10, OpenShift 4, and a broad set of Ubuntu packages. The real issue is what happens next: a local user can turn limited access into root across shared infrastructure. It lands with platform, cloud, and security teams at the same time. Read the full article: cantina.review/3zv
Spearbit retweeted
Today. 1:30 pm ET. Join Cantina's CEO, @hrkrshnn, and President, @mikeleffer, who will discuss how AI blurs the lines between AppSec, SecOps, and GRC. Last call. Register: cantina.review/cantina-e2ecd…
Spearbit retweeted
Apple patched a 13-year-old bug in WebKit yesterday. Apex, Cantina's autonomous AppSec agent, found it. It's one of three Apex findings in the same release. Two are CSP bypasses. Full writeup: cantina.review/ze5
Spearbit retweeted
The cost starts when operators stop trusting the screen. Federal agencies said attackers were already reaching internet-facing PLCs and altering operator views across critical infrastructure. Read the full article: cantina.review/cantina-agent…
Spearbit retweeted
Three teams own one bug. AppSec finds it, SecOps contains it, GRC reports it. By the time the third team has context, the attacker has moved twice. 4 days out: From Design to Containment. Register: cantina.review/cantina-e2ecd…
Spearbit retweeted
20% of breaches now start with the exploitation of a known flaw, up 34% year over year. Teams lose time in the handoff between AppSec and SecOps. Next week, Cantina's CEO @hrkrshnn and President @mikeleffer will discuss how AI blurs the lines between AppSec, SecOps, and GRC.
Spearbit retweeted
Cantina threat discovery: we detected an authorization bypass in @springcentral that can leave protected routes exposed even when the XML config looks correct. Found by Apex, Cantina’s AppSec agent. Full writeup: cantina.review/security-e8fb…
Spearbit retweeted
Nearly $22B in ETH is staked via @LidoFinance. Today, we’re glad to announce that Lido has completed the Web3SOC assessment, covering operational, financial, security, and compliance domains across Lido DAO and the Lido protocol.
Spearbit retweeted
What does it look like when a privacy-first platform invites the world's best to try and break it? @aztecnetwork is putting that question to the test, with a new bug bounty program on Cantina. Here's what researchers should look at.
Your free daily security digest is here: ahackaday.news. Powered by @cantinasecurity.
Threat feeds dump 1000s of incidents on security teams every day. Most go unread, so we had to act. Introducing ahackaday.news: your free daily security digest that ranks the day for you, with live social signal on every brief.
Spearbit retweeted
Calling all security experts: the @Reserveprotocol x Cantina competition is now live. We’re opening Reserve's codebase to public security research through May 10, with a $30,000 prize pool for meaningful findings. Scope, docs, and timeline: cantina.xyz/competitions/980…
Spearbit retweeted
Your SOC 2 report ages the moment the audit window closes. GDPR still requires teams to notify within 72 hours of a breach. DORA moves on operational timelines. The market keeps asking for current evidence, and it will continue to do so. Learn more: cantina.review/soc-a4c832
Spearbit retweeted
Today, we're proud to announce that we've partnered with @CrowdStrike and @swif_ai to offer EDR and MDM services, wired directly into Cantina's agentic security OS. cantina.review/cantina-cf44c…
Spearbit retweeted
Cantina Threat Advisory: Bitwarden, the password manager used by more than 10M people, suffered a supply chain incident in its npm delivery path. Full breakdown: cantina.review/bitwarden-9ee…
Spearbit retweeted
The detection tool finds it. The code tool knows the repo. The ticket tool owns the remediation. Evidence lives somewhere else. Four tools. Zero shared context. That is the gap Cantina closes: cantina.review/deploy-autono…