What is this?
Security Twitter loves to scream about every new CVE. Most of it is noise. Some of it isn't. hypeorhack watches public posts on X and Bluesky, picks out which vulnerabilities are actually getting talked about right now, and asks Claude to read the chatter and tell you whether it's hype (recycled news, vendor FUD, speculation) or hack (working PoC, in-the-wild exploitation, KEV-listed, defenders triaging now).
Each one gets a 0–100 score, a short writeup, and links to the source posts so you can decide for yourself. CVEs are decorated with the boring-but-load-bearing stuff — NVD descriptions, CVSS, EPSS, KEV — alongside public PoC repos and recent articles when those exist.
No accounts, no alerts, no dashboards to configure. Just a read-only feed of what the security crowd is paying attention to today.
Built with / powered by
Signal: X API · Bluesky firehose · Tavily · CISA KEV · FIRST EPSS · NVD · GitHub · AttackerKB
AI: Claude for the writeups and hype-or-hack scoring, Claude Code for building most of it.
Built and run by @kevthehermit on X and @kevthehermit.bsky.social on Bluesky.