Every JWT writeup online covers 2–3 attacks and stops.
I got tired of jumping between 40 blog posts, so I wrote the whole thing. All in one place.
https://t.co/iCSzQ4GjcS
#infosec #appsec #bugbounty #websec #jwt
Congratulations @chessvaishali. She showed excellent preparation and resilience. Took the blows & delivered the punches. A proud moment for Indian chess with two Indians to cheer for in the World Championships. Personally proud that our @WacaChess mentee will now have a shot at the world title. Being from Chennai is just another flex!
Anthropic themselves found that vibecoding hinders SWEs ability to read, write, debug, and understand code.
not only that, but AI-generated code doesn't result in a statistically significant increase in speed
don’t let your managers scare you into increased productivity. show them this paper straight from Anthropic.
New research just dropped by @alien2exe on hijacking OAuth popups via predictable window.open() targets.
The chain uses iframe name collision forcing the auth flow into a controlled context, eventually linking an attacker-controlled addon to leak workspace PII and config data
https://t.co/GbimNCyqxx
I love security research and believe everyone has the potential to do it… which makes screening/rejecting research job applicants one of the hardest parts of my job. Have to remember a rejection is not a judgement of individual potential.
1. Open your browser console
2. Navigate to the Lighthouse tab
3. Select 'Desktop' as the device and uncheck everything except 'Best Practices' under Categories
4. Finally, click 'Analyze page load', and under the 'Trust and safety' section, you'll find a CSP report with possible bypasses! 🤠
There is a critical vulnerability in React Server Components disclosed as CVE-2025-55182 that impacts React 19 and frameworks that use it.
A fix has been published in React versions 19.0.1, 19.1.2, and 19.2.1. We recommend upgrading immediately.
https://t.co/kue7kd0XEX
I've just upgraded Turbo Intruder with a shiny new algorithm called HTTP Anomaly Rank, which automatically finds the most unusual responses in your attack! Here's a quick demo, full details in the writeup below: https://t.co/N53AuKe66x
I am excited to share a work we did in the Discovery team at @GoogleDeepMind using RL and generative models to discover creative chess puzzles 🔊♟️♟️ #neurips2025
🎨While strong chess players intuitively recognize the beauty of a position, articulating the precise elements that constitute creativity remains elusive. To address this, we pre-trained generative models on public datasets and then applied reinforcement learning, using novel rewards designed for uniqueness, counter-intuitiveness, realism, and novelty. This approach doubled the number of novel chess puzzles compared to the original training data, while successfully maintaining aesthetic diversity.
Three distinguished experts—International Master of chess compositions Amatzia Avni (author of "Creative Chess"), Grandmaster Jonathan Levitt @JonathanLevitt7 (author of "Secrets of Spectacular Chess"), and Grandmaster Matthew Sadler @gmmds (author of "Game Changer")—evaluated and selected the puzzles they found most compelling. Their preference was for puzzles exhibiting original, paradoxical, surprising, and naturally occurring positions, with particular emphasis on those that integrated aesthetic themes in innovative ways and demonstrated exceptional over-the-board vision.
🧩Try to solve the puzzles @chesscom: https://t.co/qHxXiWC427
HackerNotes TLDR for episode 144! — https://t.co/FYWKbM9FGR
- Map client-side message flow aggressively: enumerate postMessage sinks, then hunt for JSON.parse followed by Object.assign to force prototype pollution via string-gated branches. Many apps gate on typeof === "string" before parsing. Craft inputs that pass the gate, then flip config flags unreachable to scanners by exploring dead-code paths and lazy-loaded chunks.
- Abuse versioned config to hijack backends: if a version string resolves the WebSocket or API base URL, redirect to attacker-controlled infra.
- Succeeding in LHEs and as a full-time Hunter:
  - Optimize for MVH: target impact categories and bonus bug types the host company values.
  - Collab with people who have expertise in different areas to cover more ground.
  - Keep a tight routine: set fixed hacking blocks, schedule rest and study, and when focus drops, switch tasks instead of forcing it.
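The JSON.parse + Object.assign pattern from the first bullet, as an added example (not code from the HackerNotes episode or from any application it covers): a string-gated postMessage handler in its vulnerable form beside a hardened one. The handler names, config keys and the sample message are all constructed for this demo.

```javascript
// Added example (not code from the HackerNotes episode or any app it covers):
// the postMessage handler shape described above, vulnerable merge beside a
// hardened one. Handler names, config keys and the message are constructed.
const DEFAULTS = { theme: "light", debugMode: false };

// VULNERABLE: any string passes the typeof gate, JSON.parse keeps "__proto__"
// as an own key, and Object.assign then invokes the __proto__ setter, swapping
// the config object's prototype for attacker-controlled data. Any key the app
// later reads from config that is not an own property now resolves through
// that injected prototype.
function vulnerableHandler(config, data) {
  if (typeof data !== "string") return config;
  return Object.assign(config, JSON.parse(data));
}

// HARDENED: copy only allowlisted own keys, each checked against its expected
// type; unknown keys, including "__proto__" and "constructor", are ignored.
const ALLOWED = { theme: "string", debugMode: "boolean" };
function hardenedHandler(config, data) {
  if (typeof data !== "string") return config;
  let parsed;
  try { parsed = JSON.parse(data); } catch (e) { return config; }
  if (parsed === null || typeof parsed !== "object" || Array.isArray(parsed)) {
    return config;
  }
  for (const key of Object.keys(ALLOWED)) {
    if (Object.prototype.hasOwnProperty.call(parsed, key) &&
        typeof parsed[key] === ALLOWED[key]) {
      config[key] = parsed[key];
    }
  }
  return config;
}

// Constructed message: a string (so it passes the gate) carrying a normal key
// and a "__proto__" key. Written as raw JSON text on purpose: in an object
// literal, __proto__ would set the prototype rather than become an own key.
const MESSAGE = '{"theme":"dark","__proto__":{"adminPanel":true}}';

// Run a handler on a fresh config and report what the app would observe.
function demo(handler) {
  const config = { ...DEFAULTS };
  handler(config, MESSAGE);
  return {
    theme: config.theme,
    adminPanel: config.adminPanel, // true only if the prototype was replaced
    protoReplaced: Object.getPrototypeOf(config) !== Object.prototype,
  };
}
```

`demo(vulnerableHandler)` reports `adminPanel: true` and `protoReplaced: true`, while `demo(hardenedHandler)` reports `adminPanel: undefined` and `protoReplaced: false` with only `theme` updated.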
Today I have a more serious topic than usual, please consider reposting for reach:
My wife and I are urgently looking for a specialist in neuropediatrics or a similar field for our autistic child with a diagnosed, but not further specified, movement disorder [1/3]