nisedo
@nisedo_
Followers
4K
Following
26K
Media
592
Statuses
5K
I stare at smart contracts until one of us breaks @trailofbits | @soliditors 🇫🇷
Joined August 2021
To all French speakers 🇫🇷 in Web3 security ⛓️🔒, we've just started a community dedicated to French-speaking enthusiasts and professionals in Web3 security @soliditors . ➡️ Send me a DM to join the Discord.
11
17
107
“just read the code”. that’s like saying Messi just kicks, Carlsen just thinks, or Hamilton just drives.
1
3
35
TL;DR: senior developers and especially cybersecurity experts are safe for now.
My personal review of executing a hard, real-world programming task with different models. TL;DR: only gemini 2.5 pro with deep thinking is somehow useful. I’m working on a few AI projects that use Prefect, Laminar, and multiple LLMs. To simplify development, I recently merged.
3
0
12
🎁.
blog.trailofbits.com
Today, we’re releasing weAudit, the collaborative code-reviewing tool that we use during our security audits. With weAudit, we review code more efficiently by taking notes and tracking bugs in a...
A year ago @devtooligan told me to use weaudit extension from @trailofbits. That was a goated improvement to my workflow. Sometimes you think you need some fancy AI workflow, but really you just need organisation and a little gamificatiion. Can't believe there's still.
0
0
7
if software design is how you assemble lines of code, system design is how you assemble services.
0
0
2
As if we didn’t already have enough work, they invented vibe coding.
i love how software was trending towards being more secure. more sanitizers shipping with clang. more software being written with memory safety in mind. then: vibe coding enters the arena.
0
0
10
Be so good that your competitor’s proudest moment is finding a medium you missed.
2
1
34
this is coming.
💥 Remote Code Execution in GitHub Copilot (CVE-2025-53773) . 👉 Prompt injection exploit writes to Copilot config file and puts it into YOLO mode, then we get immediate RCE. 🔥 Bypasses all user approvals. 🛡️ Patch is out today. Update before someone else does it for you
0
0
3
RT @thebensams: in the past month, our team has found two critical bugs whose impact was severe enough to cause two major chains to soft fo….
0
6
0
Unfortunately quantity > quality is the way to grow a following on X. Very few have managed to grow with a low-frequency, high-quality strategy (a great example is @danielvf). The thing is, building an expert reputation requires tremendous effort even with low-frequency posting,.
i wanted to share some notes on the @solana handle. over the past two years, we’ve shifted from a low-volume, highly curated posting strategy to a high-frequency, organic approach. this is a deliberate tradeoff -- to showcase the scale of what's happening across the ecosystem,.
2
0
17
ETH holders next week.
2
0
9
Huge if true.
This is the start of something huge. Buttercup, our AI-enabled CRS that scored 2nd place in AIxCC, is now public for everyone to use and learn from. Our goal has always and will always be to raise the bar for the security industry. This is the next step 🔗👇
0
0
6
Well, it was a fun ride.
We just shipped automated security reviews in Claude Code. Catch vulnerabilities before they ship with two new features:. - /security-review slash command for ad-hoc security reviews.- GitHub Actions integration for automatic reviews on every PR
2
0
41
Auditing complex Rust low-level systems be like.
2
2
31
Rumor has it you gain IQ points with every @trailofbits blog post you read.
I’ll definitely spend more time here. While nowadays 80% of the articles are AI written, you must check them out. High quality and technical posts from @trailofbits
1
0
22
From git clone to RCE real quick.
This is crazy - one git clone --recursive and you're cooked.
1
0
4