Mohammad Kaif @_mkahmad - Twitter Profile

Pinned Tweet

Mohammad Kaif

@_mkahmad

3 months ago

Yay! I was rewarded $15,000 bounty from Apple. Account takeover via App Store 👀 #bugbounty #cybersecurity #pentesting

123

6K

101

860

543K

_mkahmad retweeted

PT SWARM @ptswarm

2 days ago

👨🏻‍💻 Did you know that it’s possible to perform RCE in Internet Explorer via clickjacking? Igor Sak-Sakovsky's (@Psych0tr1a) new article will explain how! https://t.co/HfVLnuzwAT

ptswarm's tweet photo. 👨🏻‍💻 Did you know that it’s possible to perform RCE in Internet Explorer via clickjacking? Igor Sak-Sakovsky's (@Psych0tr1a) new article will explain how!

https://t.co/HfVLnuzwAT https://t.co/kKTK0QHfaT

0

25

14

12

2K

Mohammad Kaif

@_mkahmad

6 days ago

Approved!

0

1

0

160

Mohammad Kaif

@_mkahmad

6 days ago

Applied for Claude cyber use case, lets see how much time does it takes to accept the application

1

2

0

253

Who to follow

Omkar Mali🇮🇳

@OMK4RM4LI

• Yogosha Strike Force • Red Team at @pentabug• CEH• CPENT• LPT• CTF Player ⛳• Gamer🎮• Security Researcher

Valeriy

@Krevetk0Valeriy

Security enthusiast, bug bounty hunter at @Hacker0x01 and @Bugcrowd https://t.co/RjYvPJaXTW https://t.co/dkUfA2vywe

_mkahmad retweeted

16 days ago

StubZero: $148,337 RCE in Google Cloud Production https://t.co/m7cBnSTaj4

16

744

171

426

81K

_mkahmad retweeted

Zhongquan Li

@Guluisacat

23 days ago

The blog post on my talk "Design-Based Vulnerabilities on macOS： Oops, Not a One-Shot Fix" presented at OffensiveCon2026 : https://t.co/DAqpWVVxDs

4

128

32

89

11K

Mohammad Kaif

@_mkahmad

about 1 month ago

@LiveOverflow Any chance of using Chinese models for evals? Like DeepSeek v4? I think the costs would be much lesser than these small models

1

0

389

Mohammad Kaif

@_mkahmad

about 2 months ago

"Bounty awards are determined and paid based on what is demonstrated in the report, not on claims made in the report but not proven with evidence or proof of concept." - Apple Security Team The POC:

0

10

0

2

494

Mohammad Kaif

@_mkahmad

2 months ago

@one33se7en @Hacker0x01 Congrats!!

0

1

0

330

_mkahmad retweeted

solst/ICE of Astarte

@IceSolst

2 months ago

>use a security tool in CI get pwnd >update your dependencies get pwnd >do nothing, ignore security win

35

2K

133

106

55K

_mkahmad retweeted

Calif

@calif_io

2 months ago

Reverse engineering Apple’s silent security fixes, by @blacktop__ We grabbed the latest iOS update, and diffed it with ipsw. The diff reveals at least two security-relevant changes that were shipped quietly. https://t.co/mUt11Qy7ly

1

264

48

213

64K

Mohammad Kaif

@_mkahmad

2 months ago

@speedyfriend433 Congrats!

1

2

0

418

Mohammad Kaif

@_mkahmad

2 months ago

Woke up to getting acknowledged by Apple! Apple just pushed an update to fix a vulnerability I reported on Music app. https://t.co/bqfzPoKk1g #bugbounty #CyberSecurity #appsec

_mkahmad's tweet photo. Woke up to getting acknowledged by Apple!

Apple just pushed an update to fix a vulnerability I reported on Music app.

https://t.co/bqfzPoKk1g

#bugbounty #CyberSecurity #appsec https://t.co/ub87wmVeIA

2

20

2

0

1K

_mkahmad retweeted

Bugscale @bugscale

3 months ago

If you missed the talk at @1ns0mn1h4ck , our latest blog post is now available for you to explore. In this post, researchers @Hacker_Chai and @SachaKozma detail their journey to a 1-click RCE exploit on the Samsung S25 phone. Check it out here: https://t.co/x7mZcFCSR3

1

100

33

73

10K

_mkahmad retweeted

Mandiant (part of Google Cloud) @Mandiant

3 months ago

Google Threat Intelligence Group has identified DarkSword, a new iOS exploit chain leveraging six zero-day vulnerabilities. Multiple threat actors are actively using it to deploy malware payloads. Update your devices or enable Lockdown Mode. 👉 https://t.co/9XzL9nogwL