Olivia
Online
Attack and Defense
@attackndefense
@[email protected] - Mozilla's Security Internals for Security Engineers, Security Researchers, and Bug Bounty Hunters.
Joined February 2020
8 Following
1.5K Followers
157 Posts
Pinned Tweet
Please report bugs. If you - or someone else - improves exploitability after initial report, the bounty will be increased. If you're second reporter, you will be pro-rated.
I guess I can only speak for our bounty program but come on industry, you can do better.
#bugbountytips
Do not report open redirects without fully analyzing and seeing potentials of it. Thanks to random guy who reported open redirect, our report for full SSRF leaking client secret of integration claimed dupe.
Again: do not report open redirects #bugbountytips
@parityzero @0xcharlie We talked to various participants . We did not scramble some offsets. We actually found the same bugs they had….
@nullspec7or lots of duplicates.
6 Firefox entries at pwn2own.
5 withdrawals due to our 150.0.3 security release.
1 failed attempt.
0 Exploits.
No incidents.
Time to party :)
Who to follow
Linux Kernel Security
@linkersec
Links related to Linux kernel security and exploitation.
Maintained by @andreyknvl and @a13xp0p0v.
Also on https://t.co/GVE11dpBb8 and https://t.co/YpxPWXnA6Z.
offensivecon 
@offensive_con
OffensiveCon Berlin is a technical international security conference focused on offensive security only. Organised by @Binary_Gecko. Stay tuned #OffensiveCon26.
Jun Kokatsu
@shhnjk
Hacking the Web, Browsers, and Agents. Opinions are my own.
Reminder that our bug bounty program accepts PoCs (e.g. , verifiable in an address sanitizer builds that you can find here https://t.co/ovY7HAM43k).
No need to write a full exploit.
More here https://t.co/lTEoqzuQ4U :)
@pwning_me Sorry to hear it did not work out. Let's meet at the conference, we're happy to accept a non-working exploit in the bug bounty program even if it's just a poc. :)
Sorry this broke your chain @qriousec, @trichimtrich, @lanleft_, and @wiz1340. Would love to compare notes if you still make it to Berlin.
Great bug, thank you for the detailed report.
We just released 150.0.3 to fix this.
https://t.co/lPxe7ZBKP8
I was hoping to compete in Pwn2Own with a Firefox full-chain entry, but unfortunately it was rejected. I’ve reported the vulnerability to the Mozilla team.
@pwning_me This year has been pretty fast moving, even for us. We will have people on site and would be happy to meet you.
@S1r1u5_ We'll be on-site and are happy to take bug reports in person :)
@ggwhyp Should be fixed soon, thank you :)
@qriousec There was a Firefox 150.0.1 update last week and a Firefox 150.0.2 update just today. Make sure that it still works and we're looking forward to meeting you next week :)
When we said that we found and fixed hundreds of bugs in Firefox using AI, people were skeptical and said: Where are the bugs?
Well, here they are. We are unhiding 12 security bugs that are representative of the issues we have found.
https://t.co/aIZ8p1Wxso
https://t.co/AVP3o8D4tR
@S1r1u5_ @rs_loves_bugs @pwning_me @S1r1u5_ @rs_loves_bugs
If you are coming to Berlin in two weeks and found your bugs squashed in a Firefox update, tell us your story. We will bring Firefox swag :)
We just published our recent Firefox Security and Privacy highlights in the Q1 newsletter. Take a look —> https://t.co/FbmNCmwCWJ
@LiveOverflow The bug info is public, including test case and patches. If you want to follow along, look at bug https://t.co/dNi1tgydQQ (Day 1 exploit) and https://t.co/C7KUB09xcb (Day 2)
See @LiveOverflow's documentary on Firefox and pwn2own and learn what it was like to fix not just one but TWO Firefox security bugs at rapid time. https://t.co/ipH9EMBTSf
After a long pause, a new video coming today!
Part 1 of small documentary about Pwn2Own…
Good news. We just published the Firefox Security Newsletter for 2025 Q4.
https://t.co/AS6ixd22ak
Last Seen Users on Sotwe
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.5M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.1M followers
Taylor Swift
@taylorswift13
80.9M followers
Lady Gaga
@ladygaga
72.5M followers
Kim Kardashian
@kimkardashian
69.5M followers
Virat Kohli
@imvkohli
69M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.6M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.6M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.2M followers