
Nebula Security
An AI-native cybersecurity company
About Nebula Security
Nebula Security is an AI-native cybersecurity company founded by world-class hackers. We were the first team to build an nginx RCE and the first to root Android 17 through a full browser-to-kernel exploit chain. Nebula Security provides mythos-level code scanning and product security auditing, covering everything from code-level vulnerabilities to architectural weak points. “Audited by Nebula Security” is a mark of serious security credibility: a signal to customers, investors, and partners that your product has been reviewed by the world's best hackers.
Founders

Eten Zou
CEO & Founder
CEO & Founder @ Nebula Security (YC S26). PhD in Cybersecurity. Focus on automated vulnerability research.

Yuan Tan
Founder
Founder at Nebula Security (YC S26). Black Hat USA speaker. PhD dropout in System Security with experience in DARPA-funded fundamental research on program analysis.

Frank Wu
Founder
Founder of Nebula Security (YC S26). Black Hat USA speaker and DEF CON finalist with r3kapig, the world's No. 1 hacking team in 2025. He led the DARPA AIxCC automated program repair team and shipped end-to-end RCE/LPE exploit chains on Chrome, Firefox, Linux, and Android. He pwned Google's kernelCTF multiple times with zero-days, and has published research at top academic venues such as USENIX Security and NDSS. Ph.D. dropout.

Xiaochuan Yu
Founder
Hacked into iPhone, Chrome, Firefox, Safari, QEMU, and various things in your daily life. DEFCON finalist for 3 consecutive years. $200k+ Bug Bounty in Chrome. Core member of r3kapig, the #1 hacking team in the world in 2025, on CTFTime. M.S. from UC San Diego. Ph.D. droped out.