Pydantic offered $5,000 to escape Monty, their Rust-built Python sandbox for AI agents. We chained two GC bugs into a use-after-free and walked away with the bounty.
Malicious dApps can impersonate trusted apps and disguise Solana transactions as harmless message signatures, allowing potential fund theft when chained together.
We found a 1-click RCE in Block's Goose AI agent - any website could silently execute commands on your machine.
We spun out of the #1 hacking team in the US and raised a $3.2M seed to make getting hacked a thing of the past.
How Missing Index Checks Allows Full Proof Forgery
How MCP Authentication Flaws Enable RCE in Claude Code, Gemini CLI, and More
