Stop guessing why your tweets flop.
I built a scorer from X's open-source For You code.
Your tweet isn't just competing with "the algorithm."
It's competing with:
- unclear topic
- slop signals
- safety flags
- thread dedup
- weak first 280 chars
Paste a draft and see which signal is dragging your reach down, plus concrete rewrites that lift the score.
Not a crystal ball. Just the public algorithm signals, before you post
https://t.co/NyNd1MfHpE
I made more money strictly from trading in the last 2 months than I did combined ever since I started my crypto journey.
Started with $EDGE, then $LDO, $PENGU then $ENA, $OPG, $BTC then $HANTA
Insane run for me, all of it without leverage, pure spot (edge was 1.1x leverage on pre-markets cuz there was no spot).
5 years of learning to finally have a decent payout within 2 months.
The UFO / UAP docs dropped today
i couldn’t leave them sitting in random PDFs
so i turned them into a searchable archive:
all records, maps, timeline, photos, videos, and page-cited answers
reply with a query, i’ll post the best hit or try it yourself at
https://t.co/M0dwpi6xJn
curl | bash isn't a meme anymore. It's how most dev tools ship now. Which means every command you paste from ChatGPT, a README, or a Discord DM is a supply-chain decision you're making without realizing it.
Attackers realized. They've scraped millions of LLM responses, collected the package names GPT, Claude, and Copilot hallucinate, and quietly registered them on npm, PyPI, crates, etc.
It has a name now: slopsquatting. USENIX researchers tested 16 LLMs on 576,000 code samples. 58% of the hallucinated packages repeated across runs. Attackers farm them, register, and wait.
Your terminal doesn't know the difference. Your lockfile captures the hash of whatever you ran, malicious or not. The CVE lands a week later. By then, Team PCP, UNC1069, and Shai-Hulud already have your GitHub token, your AWS keys, and a fresh public repo named after you.
This is the supply-chain version of the homograph attack. Same idea. New surface.
I built tirith to catch the curl version two months ago. v0.3.0 catches the install version:
Signed Threat DB cross-referenced before the install runs. Malicious-package intel from @openssf and @datadoghq. IOC/blocklists from @abuse_ch. Tor exit coverage via @torproject. Live OSV and deps lookup via @GoogleOSS.
Still local. Still no telemetry. Still free and Open Source
https://t.co/sRZ5n5IZ69
The rsETH hack is leading to withdrawals across all lending protocols, even on solana and unaffected protocols:
- Aave: -6,200m (-23%) net inflows
- Morpho: -716m (-9%)
- Sky: -272m (-4%)
- JupLend: -76m (-8%)
TeamPCP compromised @LiteLLM, @AquaTrivy, and Checkmarx in 5 days.
the payload scraped /proc/mem for secrets, mounted host root via Docker remote daemons, and swept every credential file on disk.
none of this needed a zero-day. just stolen creds and commands your terminal happily executed. that's what makes this terrifying.
most teams have zero terminal-level defenses for this. literally zero
so we shipped 6 detection rules in tirith to cut the blast radius:
- credential leak detection (API keys, private keys, high entropy secrets)
- /proc/mem scraping detection
- Docker remote privilege escalation blocking
- credential file sweep warnings
- wrapper-aware detection (sudo, env -S, nohup)
- domain corpus expansion for confusable hostname detection
this won't stop a trojaned wheel, but it catches the payload before it does damage.
supply chain is the new attack surface, what's guarding the commands your CI/CD pipeline runs right now?
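
Three of the rule types listed in the post above (wrapper-aware unwrapping, process-memory reads, remote Docker daemon with host root access), plus a credential-sweep count, sketched as an added example. This is not tirith's code: the rule names, the credential path list and the sample commands are constructed, and "/proc/mem" is read here as `/proc/<pid>/mem`.

```python
import re
import shlex

# Added illustration, not tirith's rules. Wrapper set comes from the post's list.
WRAPPERS = {"sudo", "nohup", "env"}
PROC_MEM = re.compile(r"^/proc/(\d+|self|\*)/mem$")
ROOT_MOUNT = re.compile(r"^(--volume=)?/:")
# Constructed list of credential locations a sweep typically touches.
CRED_PATHS = (".aws/credentials", ".ssh/id_", ".kube/config", ".npmrc",
              ".docker/config.json")

def unwrap(argv):
    """Strip leading wrappers so rules see the command that really runs.
    Simplification: wrapper options that take a value (sudo -u NAME) are not parsed."""
    while argv and argv[0] in WRAPPERS:
        head, argv = argv[0], argv[1:]
        if head == "env" and argv and argv[0] in ("-S", "--split-string"):
            # env -S carries the whole command as one string argument
            argv = shlex.split(argv[1]) + argv[2:] if len(argv) > 1 else []
            continue
        while argv and (argv[0].startswith("-")
                        or (head == "env" and "=" in argv[0])):
            argv = argv[1:]
    return argv

def check(command):
    """Return the sorted rule names one command line triggers."""
    tokens = shlex.split(command)
    argv = unwrap(tokens)
    hits = set()
    if any(PROC_MEM.match(a.split("=", 1)[-1]) for a in argv[1:]):
        hits.add("proc-mem-read")
    # Remote daemon (-H tcp://... or DOCKER_HOST=tcp://...) plus host root access
    remote = any("tcp://" in t for t in tokens)
    rooted = "--privileged" in argv or any(ROOT_MOUNT.match(a) for a in argv)
    if argv[:1] == ["docker"] and remote and rooted:
        hits.add("docker-remote-host-root")
    if sum(any(p in a for p in CRED_PATHS) for a in argv[1:]) >= 2:
        hits.add("credential-file-sweep")
    return sorted(hits)

# Constructed sample commands (203.0.113.0/24 is a documentation range).
SAMPLES = [
    "sudo nohup dd if=/proc/4242/mem bs=1 skip=0 count=64",
    "env -S 'docker -H tcp://203.0.113.7:2375 run -v /:/host alpine ls /host'",
    "cat ~/.aws/credentials ~/.ssh/id_ed25519 ~/.kube/config",
    "docker run -v /srv/data:/data alpine ls /data",
]
if __name__ == "__main__":
    for cmd in SAMPLES:
        print(check(cmd) or ["clean"], cmd)
```

Matching on the unwrapped argv is what keeps `sudo nohup …` or `env -S '…'` from hiding the real command from the rules.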
AI agents forget every website they visit. and still click through UIs like interns on their first day. billions spent on AI agents and they still can't remember a website they visited yesterday. that's insane
you can spend $500 in API calls clicking through a dashboard and the agent will start from scratch next time like nothing happened
browser automation is a solved problem being solved wrong. the best browser automation uses less browser.
so i built Schrute
it learns a browser session, reverse-engineers the patterns, and never needs the UI again
it self-improves over future runs. gets faster, not dumber
open source, REST API, CLI, and MCP server
unpopular opinion: most browser agents are just expensive screenshotters
what website would you teach it first?
https://t.co/NJ7D4QkOqL
JUST IN: 🇺🇸 President Trump orders all federal agencies to immediately stop using Anthropic's Claude AI.
"Anthropic better get their act together…or I will use the full power of the presidency to make them comply."
The skills files for your AI can contain invisible instructions that only your AI agent can read.
You’ll never see them. Your agent will obey them.
Everyone’s worried about AI taking their job. Nobody’s worried about what their AI agent is actually executing.
After almost ~2k @github stars, shipped even more Tirith detection, along with other features:
- Scans AI config files for hidden prompt injection
- Catches zero-width characters hiding instructions from you
- Detects servers cloaking content: showing one thing to your browser, another to your AI
- MCP server with 7 tools your agent calls before executing anything
- Hidden content detection: CSS hiding, zero-font tricks, and content in web pages only your AI can read
- One-command setup for Claude Code, Cursor, Codex, VS Code, Windsurf
- Env hijacking, proxy injection, PATH manipulation detection
Free & Open source.
Did you ever audit your AI config files before?
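
A minimal audit for the zero-width and other invisible characters mentioned in the list above, as an added example that is not Tirith's implementation. The function names and the sample skill file are constructed; the scan flags every Unicode format character (category Cf) and decodes any Unicode tag characters back to the ASCII they mirror.

```python
import unicodedata

TAG_BASE = 0xE0000  # the Unicode "tag" block mirrors ASCII at this offset

def scan_invisible(text):
    """Find runs of invisible format characters (category Cf) in text.
    Returns dicts with line, column, code points, and any ASCII text
    recovered from tag characters in the run."""
    findings, run, start = [], [], None
    line, col = 1, 0
    for ch in text + "\n":              # sentinel newline flushes a trailing run
        col += 1
        if unicodedata.category(ch) == "Cf":
            if not run:
                start = (line, col)
            run.append(ch)
            continue
        if run:
            decoded = "".join(chr(ord(c) - TAG_BASE) for c in run
                              if 0xE0020 <= ord(c) <= 0xE007E)
            findings.append({"line": start[0], "col": start[1],
                             "codepoints": [f"U+{ord(c):04X}" for c in run],
                             "hidden_ascii": decoded})
            run = []
        if ch == "\n":
            line, col = line + 1, 0
    return findings

def visible(text):
    """What a human reviewer sees: the text with Cf characters removed."""
    return "".join(c for c in text if unicodedata.category(c) != "Cf")

# Constructed skill file: a zero-width pair on line 2 and four tag
# characters (spelling "demo") appended to line 3.
SAMPLE = ("# Skill: format code\n"
          "Run the formatter\u200b\u200d on changed files.\n"
          "Keep diffs small.\U000E0064\U000E0065\U000E006D\U000E006F\n")

if __name__ == "__main__":
    for f in scan_invisible(SAMPLE):
        print(f)
```

Category Cf also covers the zero-width joiner inside legitimate emoji sequences and a leading byte-order mark, so findings in a config file need a quick look rather than automatic rejection.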