Judging from the screenshot, a huge amount of GET /TweetDetail is generated which triggers some rate limiting, as shown by the 429.
If this is indeed due to the recent decision to enforce authentication for all API calls, it means the curlprit may actually be the API gateway or something similar downstream.
Also, this behavior seem to never stop, which isn't what one would expect from an exponential backoff retry.
I don't claim to be a better engineer than the folks working at Twitter, but it is interesting to see something like this in the wild, all Musk-related considerations aside.
The way I understand it, DDoS is not caused by enforced authentication - enforced authentication is just a temporary measure against DDoS.