How Aztec works - link
math bugs drain millions from Defi protocols - link
Hackers found a new way to phish — through browser notifications.
A new tool called Matrix Push C2 lets attackers send fake alerts that look like real ones from PayPal, Netflix, or TikTok. - link
@EthSecurity1
nexa_network's cross-chain token solution CATERC20 is vulnerable: when switching owner, it returns zero. A hacker used it to exploit the port3 network. Loss ~$160K
@EthSecurity1
Full list of packages that were affected by the latest npm attack :
ens packages
ethereum-ens
crypto-addr-codec
uniswap-router-sdk
valuedex-sdk
coinmarketcap-api
luno-api
soneium-acs
evm-checkcode-cli
gate-evm-check-code2
gate-evm-tools-test
create-hardhat3-app
test-hardhat-app
test-foundry-app
@accordproject/concerto-analysis
@accordproject/concerto-linter
@accordproject/concerto-linter-default-ruleset
@accordproject/concerto-metamodel
@accordproject/markdown-it-cicero
@accordproject/template-engine
@ifelsedeveloper/protocol-contracts-svm-idl
@EthSecurity1
All four signatures were off-chain signatures, but the Safe backend exposes them to anyone, as opposed to only other signers. This is a design decision: you don't have to auth the owners, but it comes with a tradeoff. link
HINT: use localsafe.eth
@EthSecurity1
Revela Move decompiler - link
World's first CPU-level ransomware can "bypass every freaking traditional technology" - link
Bitcoin stealer malware found in official printer drivers already stole more than 9 BTC - link
Bountyhunt3rz youtube interviews the top bug bounty hunters in crypto - link
@EthSecurity1
Visualize Foundry tests
https://tx-graph-eight.vercel.app
1. Execute Foundry test, output test trace to a JSON file
2. Upload test trace JSON and ABIs (under /out)
3. Run the visualizer
@EthSecurity1
Bad OPSEC Considered Harmful - link
Model Checking the Security of the Lightning Network - link
Deep Dive into DeFi Derivatives - link
@EthSecurity1
Seems yesterday the privileged emergencyWithdraw() function was used to withdraw ~520k OG tokens (~$516k) to 0x617E8e3C07bEF319F26C1682270A19e89Ea2bf75
@OG_labs
@EthSecurity1
The old contract of @ribbonfinance has been drained for a total of $2.7M.
Exploit contract: 0x3c212A044760DE5a529B3Ba59363ddeCcc2210bE
Root cause: oracle manipulation
Theft addresses:
@EthSecurity1
futureSwap Hacked for $267k
Root cause: DAO arbitrary proposal
Attack transaction: https://etherscan.io/tx/0x39e584cdb52adf6b2ed5bb44bfda0e1b254cb0a3925911cc33d842feaf0a8b95
@EthSecurity1
Sherlock reported vulnerability to drake exchange - link
34 Auditing Tips for 2026 - link
@EthSecurity1
Sherlock AI reported a High severity vulnerability in @DrakeExchange, an innovative perpetual exchange launching on Monad and currently in active development.
Rounding errors have been the source of some major security incidents in Web3 recently, and Sherlock…
Yearn Finance, Railgun, an unverified contract hacked. oops☹️
🚨TenArmor Security Alert🚨
Our system has detected a suspicious attack involving #RelayAdapt on #ETH, resulting in an approximately loss of $108.7K.
It appears that someone failed to execute the @RAILGUN_Project shield using the RelayAdapt contract, and…
On Oct. 25, El Dorado Exchange @ede_finance (https://bscscan.com/address/0xf1d7e3f06af6ee68e22bafd37e6a67b1757c35a9), a GMX fork, lost ~$80k.
Root cause: an ELP (LP token) accounting bug. The attacker exploited a mismatch between LP valuation and position accounting, minting ELP from thin air.
@EthSecurity1
2025-recap.decurity.io
Defimon 2025 Recap - Decurity
Defimon's 2025 DeFi security recap: 10 major exploits detected in real-time, totaling millions in losses. From deprecated contracts to ERC-4626 attacks, discover the patterns that defined the year of old code vulnerabilities and rounding issues.
A critical RCE flaw (CVSS 9.9) was found in the n8n workflow automation platform - link
We printed money on Starlink + PolyMarket - link
Polymarket trading bot steals private keys - link
@EthSecurity1
9.4 million dollars' worth of assets on Gnosis Chain were recovered via the December hard fork from the Balancer exploit. Gnosis Chain forced other nodes to apply the new chain. Rekt
@EthSecurity1