stuxf (@stuxfdev)'s Twitter Profile
stuxf

@stuxfdev

co-founder and ceo @verialabs (yc f25) | hack things @smiley_ctf

ID: 1966183549939363842

https://verialabs.com/ 11-09-2025 16:54:32

56 Tweet

440 Followers

165 Following

Veria Labs (@verialabs)

🧵 We just discovered critical RCE vulnerabilities in popular AI coding tools including Claude Code and Gemini CLI. The issue: These tools use OAuth for MCP (Model Context Protocol) authentication, but don't validate authorization URLs from servers.

stuxf (@stuxfdev)

shoutout to Grey Baker who has been absolutely fantastic to work with and has given us a lot of amazing advice about the security industry

.;,;. (@smiley_ctf)

We're officially top 3 in the world on CTFtime for 2025, up from 13th last year! yay

This year, we also: 
- hosted the first ever smileyCTF, with 1,000+ teams playing
- went to in-person CTFs in Switzerland, Las Vegas, NYC * 2
- qualified for SECCON and LakeCTF 2026 finals

stuxf (@stuxfdev)

Went to Y Combinator startup school last year, ended up having dinner w/ visiting partner Harshita Arora decided to apply for the fall batch and got in after :) if you're at all interested in startups, highly recommend applying, free sf trip and a life changing two days

.;,;. (@smiley_ctf)

We just qualified 2 teams for DiceCTF Finals, with one of our teams getting 2nd place overall! Congrats BunkyoWesterns on winning and we'll see everyone in NYC!

insert line about llms ruining ctfs here

stuxf (@stuxfdev)

We at Veria Labs built an autonomous CTF agent in a weekend and won 1st place at BSidesSF 2026, solving all 52/52 challenges. It races multiple AI models (Claude, GPT-5.4) in parallel, each in isolated Docker sandboxes with full CTF tooling. A coordinator LLM reads solver

jayden (@0jayden_)

Starting a series where we write up interesting vulns our agent at Veria Labs finds: First up, 1-click RCE in Goose, Block's coding agent with 33k+ stars: verialabs.com/blog/securing-… Goose was vulnerable to CSWSH, allowing an attacker-controlled website to run arbitrary commands.