[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.]

# ![@gothburz Avatar](https://lunarcrush.com/gi/w:26/cr:twitter::941820928274681856.png) @gothburz Peter Girnus 🦅

Peter Girnus 🦅 posts on X about target, zero trust, bounty, ai the most. They currently have XXXXX followers and XX posts still getting attention that total XXXXXXX engagements in the last XX hours.

### Engagements: XXXXXXX [#](/creator/twitter::941820928274681856/interactions)
![Engagements Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::941820928274681856/c:line/m:interactions.svg)

- X Week XXXXXXXXX +1,886%
- X Month XXXXXXXXX +903%
- X Months XXXXXXXXX +463%
- X Year XXXXXXXXX +1,470%

### Mentions: XX [#](/creator/twitter::941820928274681856/posts_active)
![Mentions Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::941820928274681856/c:line/m:posts_active.svg)

- X Week XX -XXXX%
- X Month XXX +145%
- X Months XXX +32%
- X Year XXXXX +669%

### Followers: XXXXX [#](/creator/twitter::941820928274681856/followers)
![Followers Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::941820928274681856/c:line/m:followers.svg)

- X Week XXXXX +69%
- X Month XXXXX +67%
- X Months XXXXX -XX%
- X Year XXXXX +924%

### CreatorRank: XXXXXX [#](/creator/twitter::941820928274681856/influencer_rank)
![CreatorRank Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::941820928274681856/c:line/m:influencer_rank.svg)

### Social Influence

**Social category influence**
[technology brands](/list/technology-brands)  #6556 [stocks](/list/stocks)  #1165 [social networks](/list/social-networks)  XXXX% [finance](/list/finance)  XXX% [countries](/list/countries)  XXXX% [nfts](/list/nfts)  XXXX% [ncaa football](/list/ncaa-football)  XXXX%

**Social topic influence**
[target](/topic/target) #1706, [zero trust](/topic/zero-trust) #3, [bounty](/topic/bounty) #13, [ai](/topic/ai) 3.7%, [linkedin](/topic/linkedin) #104, [the world](/topic/the-world) 2.47%, [shell](/topic/shell) #213, [financial education](/topic/financial-education) 1.23%, [education](/topic/education) 1.23%, [longterm](/topic/longterm) XXXX%

**Top accounts mentioned or mentioned by**
[@amousyl](/creator/undefined) [@projhastings](/creator/undefined) [@dormantdev](/creator/undefined) [@jamieantisocial](/creator/undefined) [@atlantadiver](/creator/undefined) [@galvanhacking](/creator/undefined) [@almartiros](/creator/undefined) [@bywirenews](/creator/undefined) [@dtoxmilenko](/creator/undefined) [@liveoverflow](/creator/undefined) [@gummoxxx](/creator/undefined) [@itunprofession](/creator/undefined) [@bunjavascript](/creator/undefined) [@diaper](/creator/undefined) [@martijnmichiel](/creator/undefined) [@elitegentleman](/creator/undefined) [@rhensing](/creator/undefined) [@syedaquib77](/creator/undefined) [@osgo](/creator/undefined) [@nappygamerr](/creator/undefined)

**Top assets mentioned**
[Microsoft Corp. (MSFT)](/topic/microsoft) [The Humanoids (thehumanoids)](/topic/the-humanoids) [Crowdstrike Holdings Inc (CRWD)](/topic/crowdstrike) [Alphabet Inc Class A (GOOGL)](/topic/$googl)
### Top Social Posts
Top posts by engagements in the last XX hours

"@amousyl Zero Trust Zero Accountability Zero Surprises"  
[X Link](https://x.com/gothburz/status/1996341305987694964)  2025-12-03T22:10Z 7099 followers, 6394 engagements


"Security engineer worked for me 6+ years But last week she made a strange request "We need to upgrade React immediately - CVE-2025-55182 is a CVSS 10" I was puzzled Checking our WAF dashboard I saw we had already blocked XX proof-of-concepts from GitHub Why in the world would we need to rush an upgrade I suggested she focus on the product launch and we'd revisit patching in Q2 planning For some reason she insisted the PoCs we blocked weren't the "real exploit" She kept saying something about "prototype pollution" and that our WAF "can't parse JavaScript" I reminded her that our vendor"  
[X Link](https://x.com/gothburz/status/1997320734205526135)  2025-12-06T15:02Z 7099 followers, 203K engagements


"@MichaelDell Early financial education matters. If this teaches kids to think long-term and understand how money works that's a win - even if the accounts start small"  
[X Link](https://x.com/gothburz/status/1998023495184450049)  2025-12-08T13:34Z 7085 followers, 1817 engagements


"Pair programming (n.) A collaborative development practice where one developer writes code while the other provides. encouragement. Also Claude me I exhaust my context window"  
[X Link](https://x.com/gothburz/status/1998191391550411158)  2025-12-09T00:42Z 7099 followers, XXX engagements


"Last week our CISO asked me to present on zero trust architecture. I dont know what that means. I make $340000 a year. I havent touched a firewall since Obamas first term. But I have a CISSP. I passed by memorizing acronyms. I still dont know what half of them stand for. I opened my presentation with assume breach. Everyone nodded gravely. I said defense in depth three times. The board was captivated. Then a junior analyst raised her hand. She asked how wed implement microsegmentation. I felt a cold sweat. I said Great question. Lets take that offline. She persisted. I said we should leverage"  
[X Link](https://x.com/gothburz/status/1996218538348978528)  2025-12-03T14:02Z 7099 followers, 371.8K engagements


"Nation-state actors dropping pwned.txt in /tmp/ is giving 'my first nuclei template' energy. The sophisticated part was the wget command"  
[X Link](https://x.com/gothburz/status/1997057906324222181)  2025-12-05T21:38Z 7091 followers, 1500 engagements


"Someone found an RCE on my website yesterday. CVE-2025-55182. React2Shell. I don't have a bug bounty program. I never asked for a security assessment. I woke up to a DM: "Hey I found a critical vulnerability in your site. I only ran the exploit to verify it worked. Here's my PayPal for the bounty." Bounty I checked my logs. Forty-seven requests to my RSC endpoint. Something something . Prototype pollution payloads. They used the GitHub script. The one with 2000 stars. The one that runs id automatically "for verification purposes." They spawned a shell on my production server. uid=1001(nextjs)"  
[X Link](https://x.com/gothburz/status/1998124302177112470)  2025-12-08T20:15Z 7099 followers, 367.5K engagements


"@gmolate That's the whole post. Somehow still controversial"  
[X Link](https://x.com/gothburz/status/1998206887486271703)  2025-12-09T01:43Z 7091 followers, XXX engagements


"@GalvanHacking Thank you. Fighting burnout with LOLs one satirical CVE poem at a time. The storytelling is easy when the material is this absurd. Didn't expect to spend XX hours in discourse but here we are"  
[X Link](https://x.com/gothburz/status/1998421016054550551)  2025-12-09T15:54Z 7094 followers, XXX engagements


"I found an RCE on someone's website yesterday. CVE-2025-55182. React2Shell. They don't have a bug bounty program. Nobody asked me to test their site. I didn't even know who owned it until I had shell. I woke up at X AM because that's when real hackers work. I put on my Mr. Robot Hoodie. Hoodie up. Shrimp Posture. Then a downloaded the PoC from GitHub. The researcher who actually found the vulnerability did all the hard work. I just clicked the green button. Then I ran it against random IPs. Shodan gave me a list. I didn't pick targets. I let the algorithm decide. That's basically AI-assisted"  
[X Link](https://x.com/gothburz/status/1998438624010924453)  2025-12-09T17:04Z 7099 followers, 3960 engagements


"@real_SamLiu The Key is Authorization. I'm agreeing with you through satire. the candle guy the shell the PayPal invoice - all fiction. we're on the same side here"  
[X Link](https://x.com/gothburz/status/1998473759754502499)  2025-12-09T19:24Z 7091 followers, XXX engagements


"Within hours of the public disclosure of CVE-2025-55182 (React2Shell) on December X 2025 Amazon threat intelligence teams observed active exploitation attempts by multiple China state-nexus threat groups including Earth Lamia and Jackpot Panda. Attack of the state sponsored interns #opsecfail"  
[X Link](https://x.com/gothburz/status/1996750988963639566)  2025-12-05T01:18Z 7091 followers, 41.8K engagements


"CVE-2025-55182 dropped. CVSS XXXX. React Server Components. The Slack channel exploded. Forty-seven messages in twelve minutes. I responded with a fire emoji. Leadership. My threat intel team sent me six GitHub links. I clicked none of them. But I forwarded all of them. To seventeen people. With "URGENT" in the subject line. Three exclamation points. That's how you know it's serious. Our vendor called. They said their WAF had "day-zero protections." I asked what that meant. They said "runtime-level coverage." I asked what that meant. They sent me a PDF. Fourteen pages. I read the executive"  
[X Link](https://x.com/gothburz/status/1996958716407504991)  2025-12-05T15:03Z 7099 followers, 60.5K engagements


"I spent a decade telling everyone LLMs were wrong. They didn't listen. I collected $15M per year while being ignored. Now I'm leaving to start a company that does AI differently. It's called AMI. Advanced Machine Intelligence. We don't believe in generative AI. We believe in "world models." What are world models I'll explain once we figure it out. Silicon Valley is "hypnotized" by GenAI. Everyone is building the wrong thing. Except me. Meta is still funding my startup. Mark believes in my vision. I told him LLMs are "bullshit pardon my French." He said "sounds great here's money." We're"  
[X Link](https://x.com/gothburz/status/1997713556716868006)  2025-12-07T17:03Z 7091 followers, 1534 engagements


"Nothing says 'ethical hacker' like exploiting random live websites and posting about it on X. The pipeline from 'finally got RCE' to 'finally got indicted' is shorter than you'd think"  
[X Link](https://x.com/gothburz/status/1997783300643983838)  2025-12-07T21:40Z 7099 followers, 36.7K engagements


"@ProjHastings The CVE post was about security theater. This one is about getting paid $15M/year to be ignored. Different pain"  
[X Link](https://x.com/gothburz/status/1997806528896680005)  2025-12-07T23:12Z 7006 followers, XX engagements


"First RCE. Real target. Post about it. Tag your mentor. Tag the target. Tag the FBI. Networking. Top X% of defendants start this way"  
[X Link](https://x.com/gothburz/status/1998073978359816575)  2025-12-08T16:55Z 7099 followers, 14.4K engagements


"Fair. If it's a legit bounty target then I jumped the gun. The 'live website' framing without program context read differently. You're right that redaction + bounty hashtag could mean it's authorized. My concern was the wave of similar posts this week that clearly weren't including all my public honeypots"  
[X Link](https://x.com/gothburz/status/1998094528977260733)  2025-12-08T18:17Z 7022 followers, XXX engagements


"RFCs describe how protocols work not what you're allowed to do with them. Physics lets me walk through your front door too"  
[X Link](https://x.com/gothburz/status/1998152553792675851)  2025-12-08T22:07Z 7099 followers, 2268 engagements


"@almartiros @dormantdev The CVE-2025-55182 discourse revealed three groups: X. Researchers shoutout Lachlan who found it disclosed it responsibly X. Defenders patching and protecting systems X. Clout farmers running public PoCs against random targets for likes"  
[X Link](https://x.com/gothburz/status/1998179581778677975)  2025-12-08T23:55Z 7010 followers, XXX engagements


"'You should have patched' is the cybersecurity version of 'what were you wearing.' The vulnerability doesn't grant authorization. The law is clear. The takes are not"  
[X Link](https://x.com/gothburz/status/1998192478479171827)  2025-12-09T00:46Z 7091 followers, 4795 engagements


"@Microsoft Security for AI Agents. The attack surface is about to get very interesting"  
[X Link](https://x.com/gothburz/status/1998447189065121957)  2025-12-09T17:38Z 7099 followers, 1394 engagements


"@bywirenews Fear is just risk assessment with feelings"  
[X Link](https://x.com/gothburz/status/1996667358832980216)  2025-12-04T19:46Z 7099 followers, 3431 engagements


"@Polymarket LinkedIn is about to get very 'excited to announce.'"  
[X Link](https://x.com/gothburz/status/1996723974412091603)  2025-12-04T23:31Z 7035 followers, 152K engagements


"Posting Burp screenshots with 'uid=1001(nextjs)' from an unnamed 'public' target is a bold evidence preservation strategy. When someone asks 'is it a private program' and you answer 'Public' instead of naming the program that's not the defense you think it is"  
[X Link](https://x.com/gothburz/status/1997786403472613853)  2025-12-07T21:52Z 7094 followers, 24K engagements


"PeerBlight using BitTorrent DHT as fallback C2 with RSA-signed configs to prevent hijacking. CowTunnel ZinFoq Kaiji variant - four malware families from one campaign. This is elite work from @RussianPanda9xx Craig and Michael. Congrats to the @HuntressLabs team"  
[X Link](https://x.com/gothburz/status/1998510115083927932)  2025-12-09T21:48Z 7091 followers, XXX engagements


"A #Pwn2Own event with a humanoid category would be wild. Threat model: compromised update server malicious motion planning commands or just good old buffer overflow in the vision processing stack. Pick your vector and OWN the humanoids. 🤖"  
[X Link](https://x.com/gothburz/status/1983510423556022646)  2025-10-29T12:25Z 6733 followers, 1654 engagements


"NVIDIA DGX Spark: X critical vulns from early this week (CVSS XXX + 8.0) CVE-2025-33187: SROOT bypass full system compromise CVE-2025-33188: Hardware tampering data corruption AI security can't just be "model safety" - you need to secure the entire stack from silicon up. AI infrastructure is the new attack surface"  
[X Link](https://x.com/gothburz/status/1993682513991000387)  2025-11-26T14:05Z 6103 followers, XXX engagements


"@it_unprofession "Security is not about being nice. It's about Zero Trust." Someone put this on a motivational poster or sticker ASAP"  
[X Link](https://x.com/gothburz/status/1996026310729367745)  2025-12-03T01:18Z 6169 followers, 8222 engagements


"@AnthropicAI grabs the JavaScript runtime and toolkit @bunjavascript your move @OpenAI maybe @vuejs"  
[X Link](https://x.com/gothburz/status/1996114559665348829)  2025-12-03T07:09Z 6281 followers, XX engagements


"@it_unprofession DNS is just "vibes" for packets. The fact-check never comes. That's the real zero trust. Every IT career is just one lucky guess that nobody verified"  
[X Link](https://x.com/gothburz/status/1996668205608399234)  2025-12-04T19:49Z 6551 followers, 12.9K engagements


"@CrowdStrike Thank you for the IoCs ❤🫡"  
[X Link](https://x.com/gothburz/status/1996809548066431114)  2025-12-05T05:11Z 6733 followers, XXX engagements


"@dbc00ps Love the self-awareness That's leadership"  
[X Link](https://x.com/gothburz/status/1997453041809653786)  2025-12-06T23:48Z 6213 followers, XX engagements


"@brysonbort LinkedIn becoming Twitter is the corporate ouroboros we were promised"  
[X Link](https://x.com/gothburz/status/1997798231439442393)  2025-12-07T22:39Z 6592 followers, XX engagements


"@_mattata @prakhar0x01 OPSEC level: trusting that nobody would zoom in"  
[X Link](https://x.com/gothburz/status/1998100721103778078)  2025-12-08T18:41Z 7069 followers, XXX engagements


"@Krethys The OPSEC of 'I'll just brag about it publicly' is something else"  
[X Link](https://x.com/gothburz/status/1998426787576189236)  2025-12-09T16:17Z 6913 followers, X engagements


"Yesterday a CVSS XX dropped for React Server Components. CVE-2025-55182. Remote code execution. I am a 10x developer. I make $340000 a year. I have vested stock options. I have not written code since 2023. I prompt. My entire codebase was generated by Claude. I don't know what's in it. Neither does Claude. We're both vibing. Someone on Hacker News said our marketing site was vulnerable. I asked Claude to check. Claude said "I don't have access to your production environment." I said "just guess." Claude guessed we were fine. I shipped that to Slack. Our security team asked for proof. I sent"  
[X Link](https://x.com/gothburz/status/1996606816445218979)  2025-12-04T15:45Z 7094 followers, 57.6K engagements


"@Mr128BitSec The burden of 'this was authorized' is on the person celebrating RCE on production systems not the observers"  
[X Link](https://x.com/gothburz/status/1998090350179828081)  2025-12-08T18:00Z 7004 followers, XX engagements


"@rAyyyyyy99 Good catch. A legit bug bounty target running HTTP-only in 2025 would be wild. That's either a honeypot or someone's forgotten dev box"  
[X Link](https://x.com/gothburz/status/1998095031069294840)  2025-12-08T18:19Z 7017 followers, XXX engagements


"@seremptos__ This reply could have been a Google search. Bro at least ask Claude about XX U.S.C. 1030. Your welcome"  
[X Link](https://x.com/gothburz/status/1998183067924717970)  2025-12-09T00:09Z 7003 followers, XXX engagements


"@dormantdev git clone python3 exploit.py 'Finally got my first RCE' LinkedIn update"  
[X Link](https://x.com/gothburz/status/1998146827401699390)  2025-12-08T21:45Z 7099 followers, 13.1K engagements


"@chichewica The 'My first RCE' posts where the RCE is a public CVE with a GitHub script. Congratulations you ran someone else's code against a target that didn't consent"  
[X Link](https://x.com/gothburz/status/1998514532608795108)  2025-12-09T22:06Z 7091 followers, XX engagements