CommunityNews

How we pwned X (Twitter), Vercel, Cursor, Discord, and hundreds of companies through a supply-chain attack

hi, i’m daniel. i’m a 16-year-old high school senior. in my free time, i hack billion dollar companies and build cool stuff.

about a month ago, a couple of friends and I found serious critical vulnerabilities on Mintlify, an AI documentation platform used by some of the top companies in the world.

i found a critical cross-site scripting vulnerability that, if abused, would let an attacker to inject malicious scripts into the documentation of numerous companies and steal credentials from users with a single link open.

(go read my friends’ writeups (after this one))
how to hack discord, vercel, and more with one easy trick (eva)
Redacted by Counsel: A supply chain postmortem (MDL)

Read in full here:

gist.github.com

https://gist.github.com/hackermondev/5e2cdc32849405fff6b46957747a2d28

writeup.md

hi, i'm daniel. i'm a 16-year-old high school senior. in my free time, i [hack billion dollar companies](https://hackerone.com/daniel) and build cool stuff.

about a month ago, a couple of friends and I found serious critical vulnerabilities on Mintlify, an AI documentation platform used by some of the top companies in the world. 

i found a critical cross-site scripting vulnerability that, if abused, would let an attacker to inject malicious scripts into the documentation of numerous companies and steal credentials from users with a single link open.

(go read my friends' writeups (after this one)) <br>
[how to hack discord, vercel, and more with one easy trick (eva)](https://kibty.town/blog/mintlify/) <br>
[Redacted by Counsel: A supply chain postmortem (MDL)](https://heartbreak.ing/)

This file has been truncated. show original

View thread on forum

#twitter #discord #vercel #cursor

0 5 0

2025-12-19 03:36:03 UTC

Where Next?

View thread on forum

twitter

discord

vercel

cursor

Home General Dev>In The News

#twitter #discord #vercel #cursor

0 5 0

Last post

Popular General Dev topics

General Dev>In The News

Are top websites using WebGL for fingerprinting?

Site Fingerprinting google.com Yes youtube.com Yes Amazon.com Yes Yahoo.com Yes Zoom.us No Facebook.com Yes Reddit.com Ye...

jonatron.github.io

#webgl

0 1743 0

2021-04-20 20:29:34 UTC

New

General Dev>In The News

20 patterns to watch for in your engineering team (pdf)

A field guide to help you recognize achievement, spot A field guide to help you recognize achievement, spot bottlenecks, and debug your d...

pluralsight.com

0 1347 0

2021-04-30 16:14:17 UTC

New

General Dev>In The News

Kyria Build, Part 1: A wireless ergonomic keyboard

It has some interesting features: It’s entirely wireless (the left half speaks Bluetooth to the right half, and the right half speaks B...

ianthehenry.com

#ergonomic #keyboard

0 1719 0

2022-01-21 02:06:58 UTC

New

General Dev>In The News

22 years of Emacs

How a piece of advice became a lifestyle TABLE OF CONTENTS WHERE TO BEGIN… FIRST CONTACT PICKING EMACS FOR LIFE CHEATING ON EMACS SERE...

arjenwiersma.nl

/emacs

0 1470 0

2022-03-14 15:21:49 UTC

New

General Dev>In The News

LG 28-inch 16:18 DualUp Monitor

LG 28-inch 16:18 DualUp Monitor with Ergo Stand and USB Type-C™ (28MQ780-B) | LG USA. Shop LG 28MQ780-B on the official LG.com website ...

lg.com

12 2239 12

2022-09-01 19:28:37 UTC

New

General Dev>In The News

Writing a Python SQL engine from scratch

sqlglot/python_sql_engine.md at main · tobymao/sqlglot. Python SQL Parser and Transpiler. Contribute to tobymao/sqlglot development by c...

github.com

/python #sql #writing

0 1647 0

2023-01-27 14:38:38 UTC

New

General Dev>In The News

Why I like Clojure as a solo developer | Biff

Why I like Clojure as a solo developer | Biff. Most of the reasons fall into a few categories: data orientation, the JVM, and the REPL.

biffweb.com

/clojure

2 1519 2

2023-04-23 01:18:47 UTC

New

General Dev>In The News

The Definitive PHP 7.2, 7.3, 7.4, 8.0, and 8.1 Benchmarks (2023)

The Definitive PHP 7.2, 7.3, 7.4, 8.0, and 8.1 Benchmarks (2023). We tested the performance of 14 PHP platforms (WordPress, Drupal, Lara...

kinsta.com

/php

0 1888 0

2023-09-10 13:37:51 UTC

New

General Dev>In The News

Yoke is really cool

Infrastructure as code, but actually

xeiaso.net

2 707 1

2025-03-11 21:17:39 UTC

New

General Dev>In The News

GitSyncPad - Effortless Git Version Control

GitSyncPad is an innovative micro keypad designed for effortless Git version control. Execute commands like git add, git commit, and git ...

gitsyncpad.xyz

#git

0 616 0

2025-03-13 01:42:30 UTC

New

Other popular topics

Game Dev>Learning Resources

Apple Game Frameworks and Technologies

Design and develop sophisticated 2D games that are as much fun to make as they are to play. From particle effects and pathfinding to soci...

pragprog.com

#pragprog #ios #game-dev #macos /swift #published-book #apple /book-apple-game-frameworks-and-technologies

30 7995 10

2021-04-22 16:51:02 UTC

New

Data Science

Genetic Algorithms in Elixir

From finance to artificial intelligence, genetic algorithms are a powerful tool with a wide array of applications. But you don't need an ...

#pragprog #ai /elixir #published-book /book-genetic-algorithms-in-elixir

25 5243 6

2021-02-09 12:32:09 UTC

New

Game Dev>Learning Resources

Hands-on Rust: Effective Learning through 2D Game Development and Play

Rust is an exciting new programming language combining the power of C with memory safety, fearless concurrency, and productivity boosters...

pragprog.com

#pragprog /rust #published-book /book-hands-on-rust

117 10879 30

2024-11-09 13:24:20 UTC

New

General Dev>Code Editors

Dendron: a personal knowledge management tool on top of VSCode

/vscode #visual-studio-code

30 7372 9

2021-05-05 12:15:29 UTC

New

Backend>Learning Resources

Agile Web Development with Rails 7

Rails 7 completely redefines what it means to produce fantastic user experiences and provides a way to achieve all the benefits of single...

pragprog.com

#pragprog #web-development /ruby /rails #published-book /book-agile-web-development-with-rails-7

32 6600 9

2022-01-26 18:28:44 UTC

New

Game Dev>Questions

Can I use Java to program a game for Nintendo switch?

I am trying to crate a game for the Nintendo switch, I wanted to use Java as I am comfortable with that programming language. Can you use...

/java #nintendo

8 4771 3

2023-09-15 11:15:04 UTC

New

Community>In The Spotlight

Spotlight: Erin Dees (Author) Interview and AMA!

Author Spotlight Erin Dees @undees Welcome to our new author spotlight! We had the pleasure of chatting with Erin Dees, co-author of ...

#author-spotlight /ruby /rails /book-effective-testing-with-rspec-3 /book-seven-more-languages-in-seven-weeks /book-cucumber-recipes #rspec

24 4247 11

2023-03-27 15:52:01 UTC

New

Community>In The Spotlight

Spotlight: Bruce Tate (Author) Interview and AMA!

Author Spotlight: Bruce Tate @redrapids Programming languages always emerge out of need, and if that’s not always true, they’re defin...

/elixir /ruby /phoenix /book-seven-more-languages-in-seven-weeks /book-seven-languages-in-seven-weeks #liveview /book-programming-phoenix-liveview

54 5678 23

2023-10-17 17:14:03 UTC

New

General Dev>In The News

Jan: An open source alternative to ChatGPT that runs on the desktop

Jan | Rethink the Computer. Jan turns your computer into an AI machine by running LLMs locally on your computer. It’s a privacy-focus, l...

jan.ai

#desktop #chatgpt

4 5652 4

2024-03-29 08:42:30 UTC

New

AI>Questions

What are the best text-to-speech ai generation tools that you can run locally?

Background Lately I am in a quest to find a good quality TTS ai generation tool to run locally in order to create audio for some videos I...

#ai #text-to-speech

6 8411 3

2025-03-24 16:48:39 UTC

New

General Dev>In The News

Data centers in space makes no sense

General Dev>In The News

X office raided in France's Grok probe; Elon Musk summoned for questioning

General Dev>In The News

In Praise of –dry-run

General Dev>In The News

Building a Telegram Bot with Cloudflare Workers, Durable Objects and grammY

General Dev>In The News

Founding is a Snowball

General Dev>In The News

When will CSS Grid Lanes arrive? How long until we can use it?

General Dev>In The News

Netflix Animation Studios joins the Blender Development Fund as Corporate Patron

General Dev>In The News

At least 4 Wisconsin communities signed secrecy deals for billion-dollar data centers

General Dev>In The News

PeerWeb - Decentralized Website Hosting

General Dev>In The News

P vs. NP and the Difficulty of Computation: A Ruliological Approach

General Dev>In The News

General Dev In The News ❯

Latest on Devtalk

Quarkus 3.31.2 released!

Backend>Official News

Zotonic 0.91.0 released!

Backend>Official News

Need help with chatbot development (can pay $300 - $500)

AI>Chat

Introducing Deno Sandbox

Frontend>In The News

Sandboxing AI agents in Linux

Linux>In The News

Data centers in space makes no sense

General Dev>In The News

X office raided in France's Grok probe; Elon Musk summoned for questioning

General Dev>In The News

My thousand dollar iPhone can't do math

iOS>In The News

Fable 5.0.0-alpha.23 released!

Frontend>Official News

In Praise of –dry-run

General Dev>In The News

Thinking Elixir 290 - Postgres Finally Gets Real Search

Backend>Blogs/Talks

Node.js v25.6.0 released!

Backend>Official News

Nest v11.1.13 released!

Backend>Official News

React Native v0.84.0-rc.4 released!

Hybrid>Official News

V weekly.2026.06 released!

Backend>Official News

Devtalk ❯

We ❤️ helpful members!

We reward our most helpful members via our MOTM scheme - by giving away a whopping 25 books per year!

Sub Categories:

We're in Beta

About us Mission Statement See our Roadmap

How we pwned X (Twitter), Vercel, Cursor, Discord, and hundreds of companies through a supply-chain attack

CommunityNews

How we pwned X (Twitter), Vercel, Cursor, Discord, and hundreds of companies through a supply-chain attack

Where Next?

Popular General Dev topics

Are top websites using WebGL for fingerprinting?

20 patterns to watch for in your engineering team (pdf)

Kyria Build, Part 1: A wireless ergonomic keyboard

22 years of Emacs

LG 28-inch 16:18 DualUp Monitor

Writing a Python SQL engine from scratch

Why I like Clojure as a solo developer | Biff

The Definitive PHP 7.2, 7.3, 7.4, 8.0, and 8.1 Benchmarks (2023)

Yoke is really cool

GitSyncPad - Effortless Git Version Control

Other popular topics

Apple Game Frameworks and Technologies

Genetic Algorithms in Elixir

Hands-on Rust: Effective Learning through 2D Game Development and Play

Dendron: a personal knowledge management tool on top of VSCode

Agile Web Development with Rails 7

Can I use Java to program a game for Nintendo switch?

Spotlight: Erin Dees (Author) Interview and AMA!

Spotlight: Bruce Tate (Author) Interview and AMA!

Jan: An open source alternative to ChatGPT that runs on the desktop

What are the best text-to-speech ai generation tools that you can run locally?

Sponsor Spotlight

General Dev>In The News

Latest on Devtalk

We ❤️ helpful members!

Devtalk Sponsors

Categories:

Sub Categories:

Popular Portals

Devtalk Sponsors

We're in Beta