CommunityNews

How we pwned X (Twitter), Vercel, Cursor, Discord, and hundreds of companies through a supply-chain attack

hi, i’m daniel. i’m a 16-year-old high school senior. in my free time, i hack billion dollar companies and build cool stuff.

about a month ago, a couple of friends and I found serious critical vulnerabilities on Mintlify, an AI documentation platform used by some of the top companies in the world.

i found a critical cross-site scripting vulnerability that, if abused, would let an attacker to inject malicious scripts into the documentation of numerous companies and steal credentials from users with a single link open.

(go read my friends’ writeups (after this one))
how to hack discord, vercel, and more with one easy trick (eva)
Redacted by Counsel: A supply chain postmortem (MDL)

Read in full here:

gist.github.com

https://gist.github.com/hackermondev/5e2cdc32849405fff6b46957747a2d28

writeup.md

hi, i'm daniel. i'm a 16-year-old high school senior. in my free time, i [hack billion dollar companies](https://hackerone.com/daniel) and build cool stuff.

about a month ago, a couple of friends and I found serious critical vulnerabilities on Mintlify, an AI documentation platform used by some of the top companies in the world. 

i found a critical cross-site scripting vulnerability that, if abused, would let an attacker to inject malicious scripts into the documentation of numerous companies and steal credentials from users with a single link open.

(go read my friends' writeups (after this one)) <br>
[how to hack discord, vercel, and more with one easy trick (eva)](https://kibty.town/blog/mintlify/) <br>
[Redacted by Counsel: A supply chain postmortem (MDL)](https://heartbreak.ing/)

This file has been truncated. show original

View thread on forum

#twitter #discord #vercel #cursor

0 5 0

2025-12-19 03:36:03 UTC

Where Next?

View thread on forum

twitter

discord

vercel

cursor

Home General Dev>In The News

#twitter #discord #vercel #cursor

0 5 0

Last post

Popular General Dev topics

General Dev>In The News

Call an Exorcist! My Robot’s Possessed! | McAfee Blogs

As part of our continued goal of helping developers provide safer products for businesses and consumers, we here at McAfee Advanced Threa...

mcafee.com

/security #api #tech-news-source

3 1623 1

2021-02-26 20:44:03 UTC

New

General Dev>In The News

Kyria Build, Part 1: A wireless ergonomic keyboard

It has some interesting features: It’s entirely wireless (the left half speaks Bluetooth to the right half, and the right half speaks B...

ianthehenry.com

#ergonomic #keyboard

0 1719 0

2022-01-21 02:06:58 UTC

New

General Dev>In The News

Helix, a Kakoune inspired Vim-model text editor (written in Rust)

Yet another rust-made text editor, though I’m really liking the looks of how this one works!

/rust

5 2708 1

2022-03-30 14:44:03 UTC

New

General Dev>In The News

LiveKit – open-source, high performance WebRTC infrastructure

GitHub - livekit/livekit: Scalable, high-performance WebRTC SFU. SDKs in JavaScript, React, React Native, Flutter, Swift, Kotlin, Unity/C...

github.com

#infrastructure #performance #webrtc

1 1773 1

2022-12-02 07:18:47 UTC

New

General Dev>In The News

I made a home security system, powered by a Raspberry Pi 3

Raspberry Pi security alarm — the basics. In November last year — I started building a DIY security alarm system, using a Raspberry Pi a...

blog.cavelab.dev

/security

0 2261 0

2023-01-01 15:50:18 UTC

New

General Dev>In The News

Tim Cook to take 50% pay hit after shareholder feedback

Apple’s Tim Cook to take 50% pay hit after shareholder feedback. ‘Target compensation’ for CEO down from $99.4m in 2022 to an expected $...

theguardian.com

#feedback

0 1856 0

2023-01-13 17:12:56 UTC

New

General Dev>In The News

Writing a Python SQL engine from scratch

sqlglot/python_sql_engine.md at main · tobymao/sqlglot. Python SQL Parser and Transpiler. Contribute to tobymao/sqlglot development by c...

github.com

/python #sql #writing

0 1647 0

2023-01-27 14:38:38 UTC

New

General Dev>In The News

Testing Intel’s Arc A770 GPU for Deep Learning

Christian Mills - Testing Intel’s Arc A770 GPU for Deep Learning Pt. 2. This post covers my experience training image classification mod...

christianjmills.com

#testing #learning #intel

0 1940 0

2023-08-09 15:00:13 UTC

New

General Dev>In The News

Why Python is terrible

Why Python is terrible… Nice language, but unsuitable for most professional purposes

josvisser.substack.com

/python

8 1314 6

2024-04-06 04:17:41 UTC

New

General Dev>In The News

Lessons learned after 3 years of fulltime Rust game development, and why we're leaving Rust behind

Once you get good at Rust all of these problems will go away Rust being great at big refactorings solves a largely self-inflicted issues ...

loglog.games

/rust #development

0 1437 0

2024-04-29 13:12:55 UTC

New

Other popular topics

General Dev>Dev Chat

What are you listening to?

A thread that every forum needs! Simply post a link to a track on YouTube (or SoundCloud or Vimeo amongst others!) on a separate line an...

#community #music

202 5126 102

2025-07-26 22:00:31 UTC

New

Backend>Learning Resources

Seven Languages in Seven Weeks

Ruby, Io, Prolog, Scala, Erlang, Clojure, Haskell. With Seven Languages in Seven Weeks, by Bruce A. Tate, you’ll go beyond the syntax—and...

pragprog.com

#pragprog /clojure /erlang /haskell /prolog /ruby /scala #published-book /book-seven-languages-in-seven-weeks

5 5730 1

2022-01-20 13:48:55 UTC

New

General Dev>Dev Chat

Standing Desks

No chair. I have a standing desk. This post was split into a dedicated thread from our thread about chairs :slight_smile:

#workspace #opinions

177 9554 77

2022-09-27 18:40:05 UTC

New

Backend>In The News

Bit – A modernized Git CLI written in Go

github.com

/go #git

1 5920 0

2020-10-12 18:31:12 UTC

New

General Dev>Hardware

Planck vs Preonic vs Subatomic (Keyboards)

I ended up cancelling my Moonlander order as I think it’s just going to be a bit too bulky for me. I think the Planck and the Preonic (o...

/keyboards #mechanical-keyboards #ortholinear #planck #preonic

105 17596 47

2021-05-28 21:32:35 UTC

New

General Dev>Dev Chat

Languages Without Garbage Collection

Continuing the discussion from Thinking about learning Crystal, let’s discuss - I was wondering which languages don’t GC - maybe we can c...

#garbage-collection

21 5575 7

2021-05-06 05:54:58 UTC

New

Backend>Chat

Data Structures and Algorithms with Elixir

This is going to be a long an frequently posted thread. While talking to a friend of mine who has taken data structure and algorithm cou...

/elixir #algorithms #data-structures

108 11869 31

2024-11-14 02:14:00 UTC

New

General Dev>In The News

X can’t stop spread of explicit, fake AI Taylor Swift images

Will Swifties’ war on AI fakes spark a deepfake porn reckoning?

arstechnica.com

/swift

0 8379 0

2024-01-26 05:47:12 UTC

New

General Dev>In The News

Review of Linux on Minisforum V3 AMD Ryzen Tablet

A Brief Review of the Minisforum V3 AMD Tablet. Update: I have created an awesome-minisforum-v3 GitHub repository to list information fo...

mudkip.me

#linux #review #amd

0 4635 0

2024-06-24 02:26:38 UTC

New

AI>Questions

What are the best text-to-speech ai generation tools that you can run locally?

Background Lately I am in a quest to find a good quality TTS ai generation tool to run locally in order to create audio for some videos I...

#ai #text-to-speech

6 8411 3

2025-03-24 16:48:39 UTC

New

General Dev>In The News

Bose is open-sourcing its old smart speakers instead of bricking them

General Dev>In The News

Building Voice Agents with NVIDIA Open Models

General Dev>In The News

Npm to Implement Staged Publishing After Turbulent Shift Off

General Dev>In The News

From Puzzle to Passkey: Physical Authentication Through Rubik’s Cube Scrambles

General Dev>In The News

2026 Predictions Scorecard

General Dev>In The News

We might have been slower to abandon StackOverflow if it wasn't a toxic hellhole

General Dev>In The News

Commodore 64 floppy drive has the power to be a computer — bulky 1982 5.25 inch drive packs a 1 MHz MOS 6502 CPU

General Dev>In The News

Vienam Bans Unskippable Ads, Requires Skip Button to Appear After 5 Seconds

General Dev>In The News

How Spotify Made Me Self Host

General Dev>In The News

CES 2026: Taking the Lids off AMD's Venice and MI400 SoCs

General Dev>In The News

General Dev In The News ❯

Latest on Devtalk

How do you test your ideas for projects - open-source or apps?

General Dev>Questions

Ruby on Rails v8.1.2 released!

Backend>Official News

Nvidia’s new G-Sync Pulsar monitors target motion blur at the human retina level

Game Dev>In The News

Computer scientist Yann LeCun: “Intelligence really is about learning”

AI>In The News

Bose is open-sourcing its old smart speakers instead of bricking them

General Dev>In The News

Newer AI Coding Assistants Are Failing in Insidious Ways

AI>In The News

Keploy - Open-Source Framework for Recording Application Behavior and Generating Reliable Integration and API Tests

Backend>Libraries/Tools

Kotlin v2.3.20-Beta1 released!

Backend>Official News

React Native v0.84.0-rc.0 released!

Hybrid>Official News

Nest v10.4.21 released!

Backend>Official News

Clojure Deref (Jan 7, 2026)

Backend>Official News

Tailwind has laid off 75% of their team

AI>In The News

Building Voice Agents with NVIDIA Open Models

General Dev>In The News

America's New Dietary Guidelines

Science/Tech>Health & Diet

Npm to Implement Staged Publishing After Turbulent Shift Off

General Dev>In The News

Devtalk ❯

We ❤️ helpful members!

We reward our most helpful members via our MOTM scheme - by giving away a whopping 25 books per year!

Sub Categories:

We're in Beta

About us Mission Statement See our Roadmap

How we pwned X (Twitter), Vercel, Cursor, Discord, and hundreds of companies through a supply-chain attack

CommunityNews

How we pwned X (Twitter), Vercel, Cursor, Discord, and hundreds of companies through a supply-chain attack

Where Next?

Popular General Dev topics

Call an Exorcist! My Robot’s Possessed! | McAfee Blogs

Kyria Build, Part 1: A wireless ergonomic keyboard

Helix, a Kakoune inspired Vim-model text editor (written in Rust)

LiveKit – open-source, high performance WebRTC infrastructure

I made a home security system, powered by a Raspberry Pi 3

Tim Cook to take 50% pay hit after shareholder feedback

Writing a Python SQL engine from scratch

Testing Intel’s Arc A770 GPU for Deep Learning

Why Python is terrible

Lessons learned after 3 years of fulltime Rust game development, and why we're leaving Rust behind

Other popular topics

What are you listening to?

Seven Languages in Seven Weeks

Standing Desks

Bit – A modernized Git CLI written in Go

Planck vs Preonic vs Subatomic (Keyboards)

Languages Without Garbage Collection

Data Structures and Algorithms with Elixir

X can’t stop spread of explicit, fake AI Taylor Swift images

Review of Linux on Minisforum V3 AMD Ryzen Tablet

What are the best text-to-speech ai generation tools that you can run locally?

Sponsor Spotlight

General Dev>In The News

Latest on Devtalk

We ❤️ helpful members!

Devtalk Sponsors

Categories:

Sub Categories:

Popular Portals

Devtalk Sponsors

We're in Beta