Nebula Security

An AI-native cybersecurity company

YC Summer 2026CybersecurityAI

About Nebula Security

Nebula Security is an AI-native cybersecurity company founded by world-class hackers. We were the first team to build an nginx RCE and the first to root Android 17 through a full browser-to-kernel exploit chain. Nebula Security provides mythos-level code scanning and product security auditing, covering everything from code-level vulnerabilities to architectural weak points. “Audited by Nebula Security” is a mark of serious security credibility: a signal to customers, investors, and partners that your product has been reviewed by the world's best hackers.

Founders

  • Eten Zou

    CEO & Founder

    CEO & Founder @ Nebula Security (YC S26). PhD in Cybersecurity. Focus on automated vulnerability research.

    LinkedIn ↗X ↗

  • Yuan Tan

    Founder

    Founder at Nebula Security (YC S26). Black Hat USA speaker. PhD dropout in System Security with experience in DARPA-funded fundamental research on program analysis.

  • Frank Wu

    Founder

    Founder of Nebula Security (YC S26). Black Hat USA speaker and DEF CON finalist with r3kapig, the world's No. 1 hacking team in 2025. He led the DARPA AIxCC automated program repair team and shipped end-to-end RCE/LPE exploit chains on Chrome, Firefox, Linux, and Android. He pwned Google's kernelCTF multiple times with zero-days, and has published research at top academic venues such as USENIX Security and NDSS. Ph.D. dropout.

    LinkedIn ↗X ↗

  • Xiaochuan Yu

    Founder

    Hacked into iPhone, Chrome, Firefox, Safari, QEMU, and various things in your daily life. DEFCON finalist for 3 consecutive years. $200k+ Bug Bounty in Chrome. Core member of r3kapig, the #1 hacking team in the world in 2025, on CTFTime. M.S. from UC San Diego. Ph.D. droped out.

    LinkedIn ↗X ↗

Discussion

Posting anonymously

No comments yet — start the discussion.