xyzeva Profile
xyzeva

@xyz3va

Followers
18K
Following
226
Media
80
Statuses
540

(un)professional hacker | part of https://t.co/aKL2j2fXq3 and https://t.co/JyJKHL5O9Y

https://t.co/1T8SDE1LHr
she/her
Joined October 2023
Don't wanna be here? Send us removal request.
@xyz3va
xyzeva
@xyz3va
6 months
update! @cursor_ai is donating me $50,000 USD for my efforts with the todesktop vulnerability
@xyz3va
xyzeva
@xyz3va
6 months
how to gain code execution on millions of people and hundreds of popular apps and of course, firebase was (partially) the cause https://t.co/U7j7YcYS18
150
56
3K
@mister_bruz
MrBruh
@mister_bruz
3 months
ASUSpicious Flaw - Millions of Users’ Information Exposed Since 2022 https://t.co/xNGnLMnR5g
mrbruh.com
ASUSpicious Flaw - Millions of Users’ Information Exposed Since 2022 Please note that it’s not particularly suspicious, it just made for a good play-on-words title. Introduction What do most people...
0
6
23
@xyz3va
xyzeva
@xyz3va
6 months
firebase with no ratelimit nextjs ai api endpoints i dont think y'all understand how big of a problem vibe coding is for security
@leojr94_
leo
@leojr94_
6 months
guys, i'm under attack ever since I started to share how I built my SaaS using Cursor random thing are happening, maxed out usage on api keys, people bypassing the subscription, creating random shit on db as you know, I'm not technical so this is taking me longer that usual to
51
78
2K
@xyz3va
xyzeva
@xyz3va
6 months
anyone that got invited to the browser company dia beta, can you dm me?
11
2
165
@xyz3va
xyzeva
@xyz3va
6 months
big things soon, this time not on my blog
3
1
116
@xyz3va
xyzeva
@xyz3va
6 months
if i follow you and you wanna be friends with me, please just dm me
8
0
132
@xyz3va
xyzeva
@xyz3va
6 months
actually, i have a idea
2
0
40
@xyz3va
xyzeva
@xyz3va
6 months
don't know how to beat the "how crazy is this blog post" scale after this latest blogpost
2
0
129
@xyz3va
xyzeva
@xyz3va
6 months
the best part is that the website doesn't infringe on any of their trademarks, making the report invalid too
2
1
336
@xyz3va
xyzeva
@xyz3va
6 months
rabbit tried to take down the rabbitude website with a trademark infringement claim however, the company they hired to do the takedown didn't put the correct trademark registration number, leading to an invalid claim
Tweet media one
11
27
980
@xyz3va
xyzeva
@xyz3va
6 months
onto the next article
4
0
138
@xyz3va
xyzeva
@xyz3va
6 months
17k followers woo
5
0
83
@xyz3va
xyzeva
@xyz3va
6 months
15k followers woo
14
0
254
@xyz3va
xyzeva
@xyz3va
6 months
https://t.co/DYGpxIBp3T
@xyz3va
xyzeva
@xyz3va
6 months
update! @cursor_ai is donating me $50,000 USD for my efforts with the todesktop vulnerability
4
2
338
@xyz3va
xyzeva
@xyz3va
6 months
for those wondering, in total i got 5k for this vuln, which i dont blame todesktop for because theyre a really small company
5
3
324
@xyz3va
xyzeva
@xyz3va
6 months
for those wondering, in total i got 5k for this vuln, which i dont blame todesktop for because theyre a really small company
5
3
324
@xyz3va
xyzeva
@xyz3va
6 months
hackernews:
2
2
230
@xyz3va
xyzeva
@xyz3va
6 months
how to gain code execution on millions of people and hundreds of popular apps and of course, firebase was (partially) the cause https://t.co/U7j7YcYS18
104
290
3K
@xyz3va
xyzeva
@xyz3va
6 months
tomorrow 7pm utc
5
1
85
@xyz3va
xyzeva
@xyz3va
7 months
its insecure supabase btw
@ns123abc
NIK
@ns123abc
7 months
YC deleted the post of the demo for slavery
6
0
156