CommunityNews

How we pwned X (Twitter), Vercel, Cursor, Discord, and hundreds of companies through a supply-chain attack

hi, i’m daniel. i’m a 16-year-old high school senior. in my free time, i hack billion dollar companies and build cool stuff.

about a month ago, a couple of friends and I found serious critical vulnerabilities on Mintlify, an AI documentation platform used by some of the top companies in the world.

i found a critical cross-site scripting vulnerability that, if abused, would let an attacker to inject malicious scripts into the documentation of numerous companies and steal credentials from users with a single link open.

(go read my friends’ writeups (after this one))
how to hack discord, vercel, and more with one easy trick (eva)
Redacted by Counsel: A supply chain postmortem (MDL)

Read in full here:

gist.github.com

https://gist.github.com/hackermondev/5e2cdc32849405fff6b46957747a2d28

writeup.md

hi, i'm daniel. i'm a 16-year-old high school senior. in my free time, i [hack billion dollar companies](https://hackerone.com/daniel) and build cool stuff.

about a month ago, a couple of friends and I found serious critical vulnerabilities on Mintlify, an AI documentation platform used by some of the top companies in the world. 

i found a critical cross-site scripting vulnerability that, if abused, would let an attacker to inject malicious scripts into the documentation of numerous companies and steal credentials from users with a single link open.

(go read my friends' writeups (after this one)) <br>
[how to hack discord, vercel, and more with one easy trick (eva)](https://kibty.town/blog/mintlify/) <br>
[Redacted by Counsel: A supply chain postmortem (MDL)](https://heartbreak.ing/)

This file has been truncated. show original

View thread on forum

#twitter #discord #vercel #cursor

0 5 0

2025-12-19 03:36:03 UTC

Where Next?

View thread on forum

twitter

discord

vercel

cursor

Home General Dev>In The News

#twitter #discord #vercel #cursor

0 5 0

Last post

Popular General Dev topics

General Dev>In The News

Are top websites using WebGL for fingerprinting?

Site Fingerprinting google.com Yes youtube.com Yes Amazon.com Yes Yahoo.com Yes Zoom.us No Facebook.com Yes Reddit.com Ye...

jonatron.github.io

#webgl

0 1743 0

2021-04-20 20:29:34 UTC

New

General Dev>In The News

Logitech Pop Keys review: Reliable wireless mechanical keyboard with a divisive style

Mediocre typing feel overshadows reliable wireless and fantastic battery life.

arstechnica.com

/keyboards #review

0 1557 0

2021-11-12 07:10:34 UTC

New

General Dev>In The News

DOD: Guidance on Software Development and Open Source Software (pdf)

MEMORANDUM FOR SENIOR PENTAGON LEADERSHIP COMMANDANT OF THE COAST GUARD COMMANDERS OF THE COMBATANT COMMANDS DEFENSE AGENCY AND DOD FIEL...

dodcio.defense.gov

#development #pdf

0 2029 0

2022-01-27 14:32:09 UTC

New

General Dev>In The News

There’s No Such Thing as Clean Code

Everyone seems to be striving for ‘clean’ code at the moment. You can’t read a blog post without the author telling you how clean their a...

steveonstuff.com

#code

31 1701 9

2022-03-28 00:29:57 UTC

New

General Dev>In The News

Developing Godot Projects with Neovim

Developing Godot Projects with Neovim. When I started using Godot Engine, what surprised me the most is the built-in Language Server Pro...

devpoga.org

/neovim

0 1983 0

2022-07-27 13:30:06 UTC

New

General Dev>In The News

Fish shell to be rewritten in Rust

Rewrite it in Rust by ridiculousfish · Pull Request #9512 · fish-shell/fish-shell. (Sorry for the meme; also this is obligatory.) I thi...

github.com

/rust #shell #fish

0 1424 0

2023-01-31 15:59:23 UTC

New

General Dev>In The News

Whatever happened to Elm, anyway?

Whatever happened to Elm, anyway?. I see this question pop up quite frequently in lots of different arenas - folks are curious as to wha...

derw.substack.com

/elm

17 1275 12

2025-04-21 03:57:49 UTC

New

General Dev>In The News

Jan: An open source alternative to ChatGPT that runs on the desktop

Jan | Rethink the Computer. Jan turns your computer into an AI machine by running LLMs locally on your computer. It’s a privacy-focus, l...

jan.ai

#desktop #chatgpt

4 5652 4

2024-03-29 08:42:30 UTC

New

General Dev>In The News

Distributed Systems Programming Has Stalled

Over the last decade, we’ve seen great advancements in distributed systems, but the way we program them has seen few fundamental improvem...

shadaj.me

#programming

4 981 2

2025-03-10 05:54:07 UTC

New

General Dev>In The News

The Meter, Golden Ratio, Pyramids, and Cubits, Oh My

The French originated the meter in the 1790s as one/ten-millionth of the distance from the equator to the north pole along a meridian thr...

iforgeiron.com

0 592 0

2025-03-12 16:36:27 UTC

New

Other popular topics

Community>Journals

Programming Erlang Book Club

My first contact with Erlang was about 2 years ago when I used RabbitMQ, which is written in Erlang, for my job. This made me curious and...

/erlang /book-programming-erlang-2nd-edition #book-club

195 6815 95

2025-02-16 20:22:17 UTC

New

Backend>Chat

Using Regular Expressions in Erlang

Intensively researching Erlang books and additional resources on it, I have found that the topic of using Regular Expressions is either c...

/erlang #regular-expressions

91 5662 43

2021-09-06 19:12:48 UTC

New

General Dev>Dev Chat

Warp—The blazingly fast, Rust-based terminal

A few weeks ago I started using Warp a terminal written in rust. Though in it’s current state of development there are a few caveats (tab...

/rust #terminal

52 6785 22

2025-02-26 17:47:24 UTC

New

Backend>Learning Resources

Agile Web Development with Rails 7

Rails 7 completely redefines what it means to produce fantastic user experiences and provides a way to achieve all the benefits of single...

pragprog.com

#pragprog #web-development /ruby /rails #published-book /book-agile-web-development-with-rails-7

32 6600 9

2022-01-26 18:28:44 UTC

New

Community>In The Spotlight

Spotlight: Rebecca Skinner (Author) Interview and AMA!

Author Spotlight Rebecca Skinner @RebeccaSkinner Welcome to our latest author spotlight, where we sit down with Rebecca Skinner, auth...

#author-spotlight /haskell /book-effective-haskell

106 11719 28

2022-11-16 10:29:37 UTC

New

Android>Questions

Clipboard readtext not working in android webview

Inside our android webview app, we are trying to paste the copied content from another app eg (notes) using navigator.clipboard.readtext ...

#android #clipboard

1 5651 0

2022-09-27 18:52:03 UTC

New

Community>In The Spotlight

Spotlight: Peter Ullrich (Author) Interview and AMA!

Author Spotlight: Peter Ullrich @PJUllrich Data is at the core of every business, but it is useless if nobody can access and analyze ...

/elixir /phoenix /book-building-table-views-with-phoenix-liveview

72 4765 21

2023-10-17 17:07:59 UTC

New

General Dev>Learning Resources

A Common-Sense Guide to Data Structures and Algorithms in Python, Volume 1

Big O Notation can make your code faster by orders of magnitude. Get the hands-on info you need to master data structures and algorithms ...

pragprog.com

#pragprog /python #published-book /book-a-common-sense-guide-to-data-structures-and-algorithms-in-python-volume-1

24 5988 11

2024-01-29 15:52:29 UTC

New

General Dev>In The News

Jan: An open source alternative to ChatGPT that runs on the desktop

Jan | Rethink the Computer. Jan turns your computer into an AI machine by running LLMs locally on your computer. It’s a privacy-focus, l...

jan.ai

#desktop #chatgpt

4 5652 4

2024-03-29 08:42:30 UTC

New

General Dev>In The News

Review of Linux on Minisforum V3 AMD Ryzen Tablet

A Brief Review of the Minisforum V3 AMD Tablet. Update: I have created an awesome-minisforum-v3 GitHub repository to list information fo...

mudkip.me

#linux #review #amd

0 4635 0

2024-06-24 02:26:38 UTC

New

General Dev>In The News

Beyond Instagram: Introducing the next generation of social apps

General Dev>In The News

News about Raspberry Pi 6 and Microcontroller Development

General Dev>In The News

Cleaner tech job search · Caio

General Dev>In The News

Strangely, Matrix Multiplications on GPUs Run Faster When Given "Predictable" Data! [short]

General Dev>In The News

What is a Direct Attach Copper (DAC) Cable?

General Dev>In The News

More than a decade later, the team behind N++ is back with a multiplayer sequel

General Dev>In The News

Transformers Are Inherently Succinct

General Dev>In The News

Kevin O’Leary agrees to downsize massive Utah data center

General Dev>In The News

I Made a Million Dollar Product from My Dorm Room

General Dev>In The News

Trillions of miles of data: Your car is spying on you, and it's only just the beginning

General Dev>In The News

General Dev In The News ❯

Latest on Devtalk

Nest v11.1.25 released!

Backend>Official News

Beyond Instagram: Introducing the next generation of social apps

General Dev>In The News

The gamers taking on the industry to stop it switching off games

Game Dev>In The News

News about Raspberry Pi 6 and Microcontroller Development

General Dev>In The News

Using Tailscale with an OrbStack VM on macOS

macOS>In The News

Postgres-backed Durable Workflow Execution | DBOS

Backend>In The News

Cleaner tech job search · Caio

General Dev>In The News

Sam Altman and Dario Amodei are both walking back their AI jobs apocalypse prophecies as they eye blockbuster IPOs | Fortune

AI>In The News

Various LLM smells

AI>In The News

Introducing Claude Opus 4.8

AI>In The News

Introducing dynamic workflows | Claude

AI>In The News

Social Animus

AI>In The News

How are you structuring Seedance 2.0 prompts for stable video output?

AI>Blogs/Talks

Strangely, Matrix Multiplications on GPUs Run Faster When Given "Predictable" Data! [short]

General Dev>In The News

What is a Direct Attach Copper (DAC) Cable?

General Dev>In The News

Devtalk ❯

We ❤️ helpful members!

We reward our most helpful members via our MOTM scheme - by giving away a whopping 25 books per year!

Sub Categories:

We're in Beta

About us Mission Statement See our Roadmap

How we pwned X (Twitter), Vercel, Cursor, Discord, and hundreds of companies through a supply-chain attack

CommunityNews

How we pwned X (Twitter), Vercel, Cursor, Discord, and hundreds of companies through a supply-chain attack

Where Next?

Popular General Dev topics

Are top websites using WebGL for fingerprinting?

Logitech Pop Keys review: Reliable wireless mechanical keyboard with a divisive style

DOD: Guidance on Software Development and Open Source Software (pdf)

There’s No Such Thing as Clean Code

Developing Godot Projects with Neovim

Fish shell to be rewritten in Rust

Whatever happened to Elm, anyway?

Jan: An open source alternative to ChatGPT that runs on the desktop

Distributed Systems Programming Has Stalled

The Meter, Golden Ratio, Pyramids, and Cubits, Oh My

Other popular topics

Programming Erlang Book Club

Using Regular Expressions in Erlang

Warp—The blazingly fast, Rust-based terminal

Agile Web Development with Rails 7

Spotlight: Rebecca Skinner (Author) Interview and AMA!

Clipboard readtext not working in android webview

Spotlight: Peter Ullrich (Author) Interview and AMA!

A Common-Sense Guide to Data Structures and Algorithms in Python, Volume 1

Jan: An open source alternative to ChatGPT that runs on the desktop

Review of Linux on Minisforum V3 AMD Ryzen Tablet

Sponsor Spotlight

General Dev>In The News

Latest on Devtalk

We ❤️ helpful members!

Devtalk Sponsors

Categories:

Sub Categories:

Popular Portals

Devtalk Sponsors

We're in Beta