FuzzingLabs
@FuzzingLabs
Followers
8K
Following
743
Media
267
Statuses
774
Research-oriented Cybersecurity startup specializing in #fuzzing, Vulnerability Research & Offensive security on Mobile, Browser, AI/LLM, Network & Blockchain.
Paris
Joined August 2020
We already reported 7 vulnerabilities to @ollama via @huntr_ai 🔥 The first one is CVE-2024-12886, report is now public even if the bug is not fixed yet... Please do not exposed your Ollama server, it is not the only bug we found... 🛡️ https://t.co/rbE9YrP7SC
6
33
154
Thanks for updating attribution, that’s a necessary step. One remaining factual point must be clear for the public record: your post still states that PoCs were not copied verbatim. That is incorrect. Below is concrete evidence: the Ollama PoC we published intentionally
@fede_intern @ycombinator @paulg @FuzzingLabs Disappointed to see public accusations without reaching out first, especially after launching a competitive product. We work directly with maintainers via GitHub, not bounty platforms. Neither we nor the maintainers knew about your Huntr reports at the time, otherwise they would
3
9
99
💣 We caught @ycombinator–backed @gecko_sec stealing two of our CVEs, one on @ollama , one on @Gradio. They copied our PoCs, claimed CVE IDs, and even back-dated their blog posts. Here’s the full story 👇
28
133
853
#BSidesBerlin Speaker Showcase @pat_ventuzelo will deliver our closing keynote: how AI is shifting from automation to autonomy in AppSec & offensive security, envisioning AI-driven red teams. Get your tickets here 👉 https://t.co/kJPlqQJlHa
@SecurityBSides #AI #RedTeam
0
4
6
Hi, does anyone here have a contact at @ycombinator? cc @paulg Quick context: @FuzzingLabs developed an open-source, AI-driven fuzzing tool that discovered a number of significant vulnerabilities which we disclosed publicly. A competing team backed by YC, @gecko_sec, has since
💣 We caught @ycombinator–backed @gecko_sec stealing two of our CVEs, one on @ollama , one on @Gradio. They copied our PoCs, claimed CVE IDs, and even back-dated their blog posts. Here’s the full story 👇
21
26
258
✊ We demand that @gecko_sec: – Publicly acknowledge and correct the record – Attribute the CVEs to their real discoverers – Stop claiming credit for research they didn’t perform – Make a public apology to the researchers impacted Transparency matters.
2
3
86
💡 Backed by €1M pre-seed and trusted by major clients, @FuzzingLabs invests in genuine research, not content farming. Our results are verifiable, public, and transparent. Seeing @ycombinator-backed companies steal others’ work and rewrite history is unacceptable and unethical.
1
3
68
🕵️♂️ We have indisputable evidence that @gecko_sec copied our Proof-of-Concepts (PoCs) verbatim, including unique fingerprints we intentionally inserted to identify our work. And it’s not just us, at least 7 vulnerabilities on their website appear to be stolen from other
3
2
60
🚨 What we found: – All PRs were created after our legitimate Huntr reports went public. – Some stolen vulns now even have two CVE IDs (one from Huntr, one from their GitHub PR). – Their blog posts were back-dated to appear older than the real disclosures.
1
2
48
Original Huntr reports (ours): 🔗 Ollama → https://t.co/dJDqssrHcz 🔗 Gradio → https://t.co/lEhpxgjYov
1
1
50
😡 This isn’t just about two CVEs, it’s about integrity in security research. We follow responsible disclosure. They waited for our public reports, copied the PoCs, re-submitted them, and took the credit.
1
1
90
💣 We caught @ycombinator–backed @gecko_sec stealing two of our CVEs, one on @ollama , one on @Gradio. They copied our PoCs, claimed CVE IDs, and even back-dated their blog posts. Here’s the full story 👇
28
133
853
Our friends and partners of @piku_dao @sinankoc__ created a yieldcoin returning above 15% by investing in arbitrage strategies, carry trades, on-chain yield, and RWAs. It simplifies the access to complex strategies. I highly recommend you check what they are doing. With Lambda
The primary goal of PikuDAO is to create a stablecoin that maintains its purchasing power that also generates yield for its holders. This is achieved through a backing model that includes arbitrage strategies, carry trades, on-chain yield, and RWAs. The goal is to hedge against
8
7
21
🚀 Big news from FuzzingLabs Academy We’re expanding our training lineup with a brand new format: Masterclasses 🎓 Short, ultra-focused sessions on cutting-edge security topics, perfect to boost your skills fast! 📅 Our Q4 2025 Course Lineup is live: - Fuzzing Windows
0
9
33
Fuzzing Labs @FuzzingLabs is creating the best open source AI Fuzzing tool to automate and find security vulnerability. I highly recommend you check what's been cooked in the Fuzz Forge repository.
8
17
47
We’ve just released FuzzForge, an open-source, AI powered offensive security tool developed in collaboration with @FuzzingLabs! 🚀 🛡️FuzzForge automates vulnerability discovery using intelligent fuzzing to help you find security bugs faster and more effectively. ⭐ Give us a
5
25
55
🚀 We're excited to announce the release of FuzzForge Open Source (OSS)! FuzzForge is our open-source platform designed to automate offensive security workflows & AI Agents, from static analysis to fuzzing, debugging, and root cause analysis, all with AI assistance. 🔷
1
21
49
Almost 100 ⭐️ in less than 24h! Thanks for all the support 🚀 https://t.co/VMsW5G0wgw
🚀 We're excited to announce the release of FuzzForge Open Source (OSS)! FuzzForge is our open-source platform designed to automate offensive security workflows & AI Agents, from static analysis to fuzzing, debugging, and root cause analysis, all with AI assistance. 🔷
2
8
33
🚀 We're excited to announce the release of FuzzForge Open Source (OSS)! FuzzForge is our open-source platform designed to automate offensive security workflows & AI Agents, from static analysis to fuzzing, debugging, and root cause analysis, all with AI assistance. 🔷
1
21
49
Excited to announce that our CEO @Pat_Ventuzelo is giving the Closing Keynote at #BSidesberlin 🎤 AI for AppSec and Offensive Security: From Automation to Autonomy 📅 8 Nov 2025 | 📍 CIC Berlin AI is reshaping vulnerability research, from audits & #fuzzing to autonomous red
0
4
11
🔥 We’re in! Our talk “Breaking AI Inference Systems: Lessons From Pwn2Own Berlin” is officially accepted for @BlackHatEvents Europe 2025. We’ll share real-world bugs in @ollama & @nvidia Triton Server + our journey fuzzing and breaking inference platforms at @offensive_con
0
7
24