We've open sourced ActionsGuardHub. This tool helps identify malicious GitHub Actions (similar to the tj-actions compromise).
We'd love for you to try it out and contribute to its development. Check out the repository here: https://t.co/CAK0izcQ35
#CyberSecurityMonth #githubsecurity
🕵️♂️ Ever wonder what your GitHub Actions are really doing behind the scenes?
With recent incidents like the compromise of popular actions such as tj-actions and reviewdog, the CI/CD supply chain is proving to be a juicy target for attackers.
We are pleased to welcome Suchith Narayan, Staff Security Engineer @Razorpay to the technical speaker lineup at VULNCON 2026.
Specializing in Application Security, Product Security, CI/CD Security, Secure Software Development, and Threat Modeling, Suchith brings extensive experience in securing modern applications and development ecosystems. His work spans critical areas including AI security, software supply chain security, vulnerability assessment, and secure code practices.
Join us at VULNCON 2026 to gain valuable perspectives on securing today's rapidly evolving technology landscape.
📍 NIMHANS Convention Centre, Bengaluru
📅 12th & 13th June, 2026
Final Chance: Last Minute Sale ends on 9th June
https://t.co/f0N3NtzFcT
#VULNCON2026 #Vulncon #AppSec #ProductSecurity #AISecurity #DevSecOps #ThreatModeling #CyberSecurity
Gryph v0.7.0 is out.
Among other improvements, it fixes a community reported vulnerability in how Gryph documents log levels and applies sensitive file content filter.
We transparently disclosed the issue via GitHub. Assigned a CVE. Released a new version with the fix.
Another day, another false positive in OSV and GHSA.
We’ve identified that the popular npm package hls.js (4.5M weekly downloads) has been incorrectly flagged as malicious in versions 1.7.0-alpha.1.0.canary.11764 and 1.7.0-alpha.1.0.canary.11765.
Despite being pulled from npm, our analysis confirms these canary versions are legitimate. Automated flagging without manual verification continues to cause unnecessary friction for developers. We have contacted GitHub to ensure this false positive is removed.
Advisories:
MAL-2026-3019
GHSA-pq9g-f2rr-m4hw
#AppSec #SupplyChainSecurity #Malware #FalsePositive #hlsjs
OpenClaw is the fastest-growing open source project, but there are no stories of running it safely in production at scale. As we started deploying agents internally at @brexHQ, we couldn’t stop thinking about this question.
Agents work, but nobody wants to give them real credentials. Instead of waiting for a solution to emerge, we decided to try a novel approach: using LLMs to judge the network traffic of an AI agent.
Today we’re announcing CrabTrap, an open-source proxy that intercepts every outbound request and blocks risky activity using LLMs, before it ever hits an external API. The results are promising; we believe it’s a meaningful step forward in the security of agent harnesses in production environments.
Try it out today.
(As a side note, it was really fun to work personally on a real systems problem again. And btw, if you want to work at a place where the CEO is building proxies at night, we’re hiring!)
Dependency cool-down enforcement is coming in PMG. npm first. Then pypi. Coupled with sandbox, it should reasonably protect developers (including us) against current day supply chain attacks.
So now someone contributing a PR to pin GitHub Actions in a repository "is" a way to compromise the repository by using imposter commits.
Trust SHA1 or keep GHAs pinned to tags. Best practices are currently shaky.
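One defender-side check for the failure mode this post describes, written as an added example (it is not code from the post's author or from any project named on this page): audit a workflow's `uses:` references, flag the ones still on mutable tags or branches, and for the ones that look SHA-pinned confirm the commit is one the upstream repository itself advertises, rather than a SHA that merely resolves through upstream's URL because it lives in a fork (an imposter commit). The repository names, commit ids and `git ls-remote` output below are constructed sample data; the trusted-commit set is built from ref tips only, so a pin to an older commit on a real branch would show up as `sha-unverified` and needs an ancestry check (`git merge-base --is-ancestor` on a clone, or the hosting API) before it is accepted.

```python
"""Audit GitHub Actions `uses:` pins against commits the upstream repo advertises."""
from __future__ import annotations

import re
from dataclasses import dataclass

# Matches `uses:` entries in a workflow file, both `uses: x` and `- uses: x`;
# the value stops at whitespace or a trailing YAML comment.
USES_RE = re.compile(r"^\s*-?\s*uses:\s*([^\s#]+)", re.MULTILINE)
# owner/repo, optional subdirectory, and the ref after '@'.
REF_RE = re.compile(r"^(?P<repo>[\w.-]+/[\w.-]+)(?P<path>/[^@]*)?@(?P<ref>\S+)$")
SHA_RE = re.compile(r"^[0-9a-f]{40}$")


@dataclass(frozen=True)
class Finding:
    uses: str
    status: str  # "sha-verified" | "sha-unverified" | "mutable-ref" | "not-checked"


def parse_uses(workflow_text: str) -> list[str]:
    return USES_RE.findall(workflow_text)


def parse_ls_remote(output: str) -> set[str]:
    """Collect commit ids from `git ls-remote` style output (`<sha>\\t<ref>` per line)."""
    shas: set[str] = set()
    for line in output.splitlines():
        parts = line.split()
        if len(parts) == 2 and SHA_RE.match(parts[0]):
            shas.add(parts[0])
    return shas


def check_uses(uses: str, trusted: dict[str, set[str]]) -> Finding:
    # Local actions (./path) and docker:// images are outside this check.
    if uses.startswith("./") or uses.startswith("docker://"):
        return Finding(uses, "not-checked")
    m = REF_RE.match(uses)
    if not m:
        return Finding(uses, "not-checked")
    repo, ref = m["repo"], m["ref"]
    if not SHA_RE.match(ref):
        # A tag or branch can be moved by whoever controls (or compromises) upstream.
        return Finding(uses, "mutable-ref")
    if ref in trusted.get(repo, set()):
        return Finding(uses, "sha-verified")
    # Looks pinned, but upstream does not advertise this commit: either an imposter
    # commit from a fork or an older commit not at any ref tip. Verify before merging.
    return Finding(uses, "sha-unverified")


def audit_workflow(workflow_text: str, trusted: dict[str, set[str]]) -> list[Finding]:
    return [check_uses(u, trusted) for u in parse_uses(workflow_text)]


# Constructed sample workflow (hypothetical example-org actions, made-up commit ids).
SAMPLE_WORKFLOW = """\
name: ci
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: example-org/checkout@0123456789abcdef0123456789abcdef01234567  # pinned
      - uses: example-org/changed-files@v45
      - uses: example-org/setup@fedcba9876543210fedcba9876543210fedcba98
      - uses: ./.github/actions/local-step
      - run: make test
"""

# Constructed `git ls-remote` output per upstream repo (ref tips only).
SAMPLE_LS_REMOTE = {
    "example-org/checkout": (
        "0123456789abcdef0123456789abcdef01234567\tHEAD\n"
        "0123456789abcdef0123456789abcdef01234567\trefs/heads/main\n"
        "1234567890abcdef1234567890abcdef12345678\trefs/tags/v4\n"
    ),
    "example-org/setup": (
        "abcdef0123456789abcdef0123456789abcdef01\tHEAD\n"
        "abcdef0123456789abcdef0123456789abcdef01\trefs/heads/main\n"
    ),
}


if __name__ == "__main__":
    trusted = {repo: parse_ls_remote(out) for repo, out in SAMPLE_LS_REMOTE.items()}
    for finding in audit_workflow(SAMPLE_WORKFLOW, trusted):
        print(f"{finding.status:15} {finding.uses}")
```

Run against the sample, the pinned checkout is verified, the `@v45` tag is reported as mutable, the setup pin is reported as unverified because no advertised ref points at it, and the local action is skipped. In a PR check, `sha-unverified` is the result to block on: it is exactly the case where a pinning PR could be smuggling a fork's commit.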
Gryph integration with OpenCode.
With this, Gryph now integrates with most popular coding agents. We are intentionally keeping the scope focussed. Log, audit, search and export for now. Security policies next.
Free and open source. Built in public.
https://t.co/v3vu6tvEoT
The new version of Gryph contains a nifty --sensitive query param. Allows you to query for all sensitive files touched by coding agents.
You can add your own sensitive file patterns or use the reasonable defaults available out of the box.
Shipping malicious package protection to your AI Agents and IDEs. Hosted MCP server.
Stop Shai-Hulud style software supply chain attacks while you are in YOLO mode.
Got this done today. Writing docs. Should be out soon.
Ever worried your AI agent might accidentally run rm -rf / or kubectl delete?
Agent Security Hooks is a security layer that
- Blocks dangerous shell commands
- Protects .env & secrets
https://t.co/XvVq6O9bN1
#AISecurity
Do you actually know which LLMs are running inside your codebase? 🕵️♂️
AI Spotter can help you get this visibility.
Scans GitHub repos, Detects AI Usage, Maps your organization's AI footprint
https://t.co/dSkka7pIN5
#AISecurity #AppSec #DevSecOps #LLM #CyberSecurity