NEW BOT Телеграм, страница

Daily Security

Foundry POC that shows how the thirdweb contracts are exploited due to the wrong use of Openzeppelin ERC2771 with Multicall

https://github.com/0xnirlin/Thirdweb-Exploit-POC

🟢Follow for more @ethers_security

Please open Telegram to view this post

VIEW IN TELEGRAM

GitHub

GitHub - 0xnirlin/Thirdweb-Exploit-POC: Repositery to show case the recent thirdweb exploit that raised due to using openzeppelin…

Repositery to show case the recent thirdweb exploit that raised due to using openzeppelin ERC2771 implementation with a multi call. - 0xnirlin/Thirdweb-Exploit-POC

🔥4

1.62K views13:00

Daily Security

Forwarded from Vladimir S. | Officer's Channel (officercia)

Revoke cash and Sushi UIs compromised! Stay safe!

• x.com/officer_cia/status/1735276914321846498?1

#security #alert

X (formerly Twitter)

Officer's Notes (@officer_cia) on X

Stay safe! @SushiSwap and @RevokeCash front-end compromised too!

874 views12:39

Daily Security

Have you ever dreamed about an auditing course with top web3 enthusiasts gathered in one place?

No code required 😊

https://updraft.cyfrin.io/courses/security

A shout out to Patrick and his team for this

🔥 Follow for more @ethers_security

❤‍🔥3👍1🤪1

1.64K viewsedited 19:12

Daily Security

Forwarded from infinityhedge

MongoDB is hacked 🚨⚠️

https://www.mongodb.com/alerts

1.15K views21:35

Daily Security

Hi, friends. Long time no see🧡
Don't miss out the tool below🆗

From SunSec guys:

"🔥DarkCat progress updates:
Automatic PoC generator:
1. Rewritten the server with nodejs (it was python before).
2. Using interfaces instead of low level calls.
3. Support run forge test directly on web.

Keep improving!"

https://fxtwitter.com/1nf0s3cpt/status/1744310042424398088

Please open Telegram to view this post

VIEW IN TELEGRAM

FxTwitter / FixupX

0:31

SunSec (@1nf0s3cpt)

🔥DarkCat progress updates:

Automatic PoC generator:
1. Rewritten the server with nodejs (it was python before).
2.Using interfaces instead of low level calls.
3. Support run forge test directly on web.

Keep improving!

👍3

1.05K viewsedited 10:59

Daily Security

https://composable-security.com/blog/protect-your-account-sim-swap-hack/

Follow for more @ethers_security 🧡

Smart Contract Audits - Composable Security

Protect your account: SIM swap hack - Smart Contract Audits - Composable Security

Learn more about the SIM card swap scam which is one of the most popular attack vectors for X account hijacking.

❤1

1.01K viewsedited 21:05

Daily Security

https://blog.chain.link/five-levels-cross-chain-security/

Chainlink Blog

The Five Levels of Cross-Chain Security | Chainlink Blog

Explore the five levels of cross-chain security and discover why Chainlink CCIP is the only interoperability protocol with level 5 security.

1.03K views13:04

Daily Security

https://www.csoonline.com/article/1290876/the-owasp-ai-exchange-an-open-source-cybersecurity-guide-to-ai-components.html

CSO Online

The OWASP AI Exchange: an open-source cybersecurity guide to AI components

This open-source collaborative effort to share global AI security standards, regulations, and knowledge aims to mitigate risk and boost AI cybersecurity for all.

1.24K views16:31

Daily Security

Thanks to great minds from Oxorio for such a cool list🙏

❤2

1.09K views15:17

Daily Security

Forwarded from Investigations by ZachXBT

It appears Ripple was hacked for ~213M XRP ($112.5M)

Source address
rJNLz3A1qPKfWCtJLPhmMZAfBkutC2Qojm

So far the stolen funds have been laundered through MEXC, Gate, Binance, Kraken, OKX, HTX, HitBTC, etc

Theft addresses
rGhR13XyM43WdDaSMznHd5rZ4cJatybvEg
rHQVKntyfkDCPhEBL2ctryuEAkDZgckmmV
rLsUemhuBZtF44rqqzneb2F9JgyrRYYd4t
rKPERax7t9iFvT3RHXn5nifyNpzp9a4hBa
rpjs4HLX1gJoEenH69PsQmXaXY22QhCYAT
rLRhugR4ysNa2xkt4E6fKN8krs9jatCp6w
rnCyeUNvfDbtTagGEPjBfTCBz6EqJjf2Uj
rHVjfYzTaB8MzSoQGqpzH9barZr85QsZW7

😱3❤1👍1

1.07K views14:11

Daily Security

Forwarded from Hacker News

macOS Sonoma 14.4 removes critical functions from the fileproviderctl command
Article, Comments

MacRumors Forums

fileproviderctl on Sonoma 14.4 - here we f#@%ng go again

14.4 (23E5180j) seems to have gimped the fileproviderctl command again. This happened before where they completely broke the command on 13.6. Feels like there's ONE guy whose job it is to compile...

1.17K views17:55

Daily Security

https://medium.com/dedaub/phantom-functions-and-the-billion-dollar-no-op-c56f062ae49f

PoC: https://github.com/SunWeb3Sec/DeFiVulnLabs/blob/main/src/test/phantom-permit.sol

Medium

Phantom Functions and the Billion-Dollar No-op

By the Dedaub team

🔥3

1.01K viewsedited 00:34

Daily Security

https://www.trust-security.xyz/post/permission-denied

Trust Security

Permission denied - The story of an EIP that sinned

On 24/08 Trust Security disclosed a variety of DOS issues to 30+ projects through Immunefi and private bug bounty programs. In total $50k from 15 projects were paid out. We'll start with a technical denoscription of the issue for those of you who like to get…

2.2K views17:40

Daily Security

Understanding Security Vulnerabilities in SNARKs
https://arxiv.org/pdf/2402.15293v1.pdf

1.08K views15:16

Daily Security

Forwarded from Anon

Hi, guys. Would be grateful for your support❤️

BUSD BEP20
0x06009Fd4D3a8a8D00b4b402EE133369651eDf516

USDT BEP20
0x06009Fd4D3a8a8D00b4b402EE133369651eDf516

USDC ERC20
0x06009Fd4D3a8a8D00b4b402EE133369651eDf516

USDT ERC20
0x06009Fd4D3a8a8D00b4b402EE133369651eDf516

Matic
0x06009Fd4D3a8a8D00b4b402EE133369651eDf516

TRX
TPyHztRbhq4SgRogmHHhUeAJpYjfrpmvab

1.06K views16:25

Daily Security

https://t.co/WVFRnCtvWd

Medium

Web2.5 Security

This is an article about pentesting blockchain infrastructure, wallets, and custodial apps. We did numerous security reviews of such…

1.15K views21:32

Daily Security

https://mixbytes.io/blog/audit-zk-application-example-tornado-cash

mixbytes.io

Audit of a ZK application on example: Tornado Cash

Explore the security analysis of ZK applications, focusing on Circom and featuring Tornado Cash. Uncover critical code sections, delve into ZK algorithm security, and gain insights into real-world analysis methods.