Months ago I was asked to contribute a chapter to this book.
My daughter was just a few days old and I was also learning Swift/SwiftUI and developing a mobile app,
but I still managed to pull this off.
Glad it's finally published
🎉
Google Chrome is rolling out device-bound session credentials to all users. Session cookies get cryptographically tied to your device, so stolen cookies can't be replayed from a different machine. Attackers who exfiltrate your cookie database get nothing usable.
Anywhoo, with what is happening these days, I can't even imagine what fresh hell the 2030s will bring and how security will change - for better or for worse
I started seriously thinking of "leaving" pentesting around 2015-ish during my @sensepost days when Dane Goodwin released AutoDane https://t.co/kudi3I4LW5
I used it on an assessment 🤯
AI wasn't what it is now, but AutoDane made me think - a lot.
Amazing to see where we are now
Just released 🚨 #doyensec's latest whitepaper is a head-to-head comparison of the @AikidoSecurity & @XBOW #AI-powered penetration testing platforms.
https://t.co/p3XVIxHKWq
Read how each automates #security testing, their detection capabilities, workflows & usability.
I thought pentesting was a solved thing - or at least AutoDane made me think it was, and only a matter of time.
Plus pwning wasn't fun anymore.
So 2016-ish, that's when I pivoted to vuln research to pop 0days & make $$$
2016 CyberGrandChallenge was another "ohmygod" moment (for me)
Or at least it didn't end with the OAuth notification or the Google Docs from 2025 tweets I've seen from @yubrew and @nicksdjohnson
same thing, different variant
Looks like @Google's trust-boundary phishing facilitation is still alive and well since 2025
https://t.co/mzM6xjyRmC
@AdaptiveSec
Got my first one using the Recovery Contact Request tactic and I dug into it
Now I'm monitoring the attacker's silly email inbox 📥 😆
Despite 271 bugs massacred by Anthropic, our renderer RCE and SBX escape are alive and well and ready, unless there is a sudden patch before P2O (meaning we don't have enough time to prepare a new one) - wish us luck!
https://t.co/3oTRESGt5r
Wrote a small blog post to expound my thoughts, rightly or wrongly, about this tweet:
The Mythos Shift: What Actually Changes for Defenders
https://t.co/u2KbLMSf2U
The "mythos" shift:
- your "insider threat" is now also an AI agent
- all your threat models should assume 0day/access (truthfully, for the past 5 years that should have been the case anyway)
- focus on detection and containment
- everything else stays the same, i.e. do the basics
Been off them security X streets for about 2 years
(I still work in security tho)
Dave Aitel is now at OpenAI (??!)
Mr Dan is pushing an autonomous security research framework
Supply chains are doing the things
God knows what else gwan.
Need to catch up
Anthropic saying they know (but won't disclose) that malware authors were using their code for dev...
Makes more of a case for using self-hosted open source models - and those are punching above their closed-source counterparts anyway, and you get criminal-mind opsec
🚨 Breaking: Wiz Research discovered CVE-2024-0132 in @nvidia Container Toolkit and NVIDIA GPU Operator, exposing #AI workloads to container escape attacks that give attackers control over the host system. 🚨
https://t.co/sH1DVaa03u
@dcuthbert Oh, so it's not just my family that's been ravished by a nursery virus courtesy of my 1 year old over the past week??
I feel better knowing I'm not alone
Are you worried yet?
If not, you aren't thinking enough about this impact, not just on our tech jobs, but on the world in general.
And most governments aren't even ready/able to help with the upcoming mass loss and/or transition of jobs
Humanoid robots are also 3 years out tops