Forwarded from Cyber Detective
AI Privacy Guide
Guide to using AI technologies safely while protecting your privacy:
- self-hosted solutions
- popular AI services
- best practices
- practical setup instructions.
https://github.com/iAnonymous3000/ai-privacy-guide
Contributor twitter.com/iAnonymous3000
#ai #privacy
Guide to using AI technologies safely while protecting your privacy:
- self-hosted solutions
- popular AI services
- best practices
- practical setup instructions.
https://github.com/iAnonymous3000/ai-privacy-guide
Contributor twitter.com/iAnonymous3000
#ai #privacy
Daily Security
Don’t abuse please😅 - A selection of the best Telegram OSINT bots (Phones, punched numbers) https://hackyourmom.com/en/servisy/dobirka-krashhyh-osint-botiv-telegram-telefony-probyv-nomera/ - (Search for information on Telegram) https://hackyourmom.com/e…
added a couple more
https://molfar.com/en/useful-apps
https://www.bellingcat.com/resources/2024/09/24/bellingcat-online-investigations-toolkit/
https://molfar.com/en/useful-apps
https://www.bellingcat.com/resources/2024/09/24/bellingcat-online-investigations-toolkit/
Molfar
OSINT tools for intelligence – Molfar
Learn and use OSINT tools to search for information from open sources with the Molfar analysts. List of tools for OSINT intelligence online, new features in analytics!
Forwarded from Investigations by ZachXBT
The project Truflation was hacked a few hours ago for $5M+ on multiple chains from the treasury multisig and personal wallets
EVM theft address
0x53d2094b31429a13e739358b16354d8e0826b25a
0x2122a76213b23daf633b850cb659750db0cac801
0x4ec10144f1a96eed9b04d324d0997b5325c56472
0x7ea07c76328fc789435fc77a2a4d527c5bbc333e
0x3f8e5cc8abd032dd6ad652423e951ab06f833126
SOL theft address
6v4R3z5ahHqx3pbxMpYQMu26cuQoonLX2Rqq7WF35yzp
EVM theft address
0x53d2094b31429a13e739358b16354d8e0826b25a
0x2122a76213b23daf633b850cb659750db0cac801
0x4ec10144f1a96eed9b04d324d0997b5325c56472
0x7ea07c76328fc789435fc77a2a4d527c5bbc333e
0x3f8e5cc8abd032dd6ad652423e951ab06f833126
SOL theft address
6v4R3z5ahHqx3pbxMpYQMu26cuQoonLX2Rqq7WF35yzp
👍2
Check out a cool article from my colleague 😉
The Hidden Backdoors of Blockchain: Why End-to-End Security is Crucial in Web3
https://medium.com/@5m477/the-hidden-backdoors-of-blockchain-why-end-to-end-security-is-crucial-in-web3-328c83300379
Follow for more @ethers_security
The Hidden Backdoors of Blockchain: Why End-to-End Security is Crucial in Web3
https://medium.com/@5m477/the-hidden-backdoors-of-blockchain-why-end-to-end-security-is-crucial-in-web3-328c83300379
Follow for more @ethers_security
Please open Telegram to view this post
VIEW IN TELEGRAM
Medium
The Hidden Backdoors of Blockchain: Why End-to-End Security is Crucial in Web3
Imagine you’re building your dream house. You focus intently on fortifying the front door — reinforced steel, biometric locks, and the…
❤1👍1
Forwarded from Investigations by ZachXBT
In the past hour a victim was drained for 12K spWETH ($32.4M)
Theft txn hash
0xf7c00f18175cdea49f8fdad6a1d45edeb318f18f3009f51ab9f4675171c1d8fb
Theft address
0x471c725Bd1F29850CBb8eeA4cdf6c9Ce3caC5607
h/t ScamSniffer
Theft txn hash
0xf7c00f18175cdea49f8fdad6a1d45edeb318f18f3009f51ab9f4675171c1d8fb
Theft address
0x471c725Bd1F29850CBb8eeA4cdf6c9Ce3caC5607
h/t ScamSniffer
Looks interesting
A game for Ton Hackers
https://www.hacktheton.com/en
A checklist for Ton Developers
https://github.com/PositiveSecurity/ton-audit-guide
Tron checklist from previous post
https://news.1rj.ru/str/ethers_security/265
Ton Awesome Security
https://github.com/Polaristow/awesome-ton-security
TON Resources
https://x.com/arsen_bt/status/1883975409739686327
Follow for more @ethers_security
A game for Ton Hackers
https://www.hacktheton.com/en
A checklist for Ton Developers
https://github.com/PositiveSecurity/ton-audit-guide
Tron checklist from previous post
https://news.1rj.ru/str/ethers_security/265
Ton Awesome Security
https://github.com/Polaristow/awesome-ton-security
TON Resources
https://x.com/arsen_bt/status/1883975409739686327
Follow for more @ethers_security
Hacktheton
Hack the TON
TON Based Wargame
❤3
Forwarded from Anon
Hi, guys. Unfortunately, I am not so active in this half of the year due to personal reasons🥲 However, I am planning to fix it quite soon. Meanwhile, if the content on these resources helped you or your friends, I would be grateful for a donation🫶
Tron (TRC20)
TPyHztRbhq4SgRogmHHhUeAJpYjfrpmvab
EVM
0x06009Fd4D3a8a8D00b4b402EE133369651eDf516
Tron (TRC20)
TPyHztRbhq4SgRogmHHhUeAJpYjfrpmvab
EVM
0x06009Fd4D3a8a8D00b4b402EE133369651eDf516
Please open Telegram to view this post
VIEW IN TELEGRAM
❤1
Forwarded from Kotya security (Vladislove)
A great article showcasing that even in case everything has been compromised - the hardware wallet still can safe you on the example of the Radiant key compromise exploit. I personally use SafePal S1 as it doesn't have WiFi, Bluetooth or any other connections to the world - a fully offline device.
https://medium.com/@bazzanigianfranco/how-to-not-blind-signing-safe-multi-sign-transactions-with-our-hardware-wallet-abd0cee9226c
https://medium.com/@bazzanigianfranco/how-to-not-blind-signing-safe-multi-sign-transactions-with-our-hardware-wallet-abd0cee9226c
Medium
How to (not) blind-sign Safe multisig transactions with our hardware wallet
The screen on our hardware wallet is our last untamperable frontier when it comes to sign any transaction, it is crucial to double-check…
❤4👍1
Forwarded from Anon
Hi, everyone. A reminder that we have a chat where we share tools, researches and many other stuff. Do not hesitate to join 🔮❤️🫡
@ethers_club
@ethers_club
👍1
Forwarded from infinityhedge
URGENT: Blockaid systems have detected a potential supply chain attack targeting dApps that use Lottie Player.
A new version of this npm packaged was deployed a couple of minutes ago, with multiple legitimate dApps now issuing malicious transactions: link
DO NOT CONNECT YOUR WALLETS TO POP-UPS COMING ON WEBSITES
A new version of this npm packaged was deployed a couple of minutes ago, with multiple legitimate dApps now issuing malicious transactions: link
DO NOT CONNECT YOUR WALLETS TO POP-UPS COMING ON WEBSITES
Forwarded from infinityhedge
infinityhedge
URGENT: Blockaid systems have detected a potential supply chain attack targeting dApps that use Lottie Player. A new version of this npm packaged was deployed a couple of minutes ago, with multiple legitimate dApps now issuing malicious transactions: link…
1inch Front-End compromised
DO NOT CONNECT WALLET
DO NOT CONNECT WALLET
Looks like the crypto casino Metawin was exploited for $4M+ on Ethereum and Solana earlier today.
See 115+ theft addresses tied to the exploiter here.
So far stolen funds have been transferred to Kucoin and a HitBTC nested service.
Source
See 115+ theft addresses tied to the exploiter here.
So far stolen funds have been transferred to Kucoin and a HitBTC nested service.
Source
Telegram
Investigations by ZachXBT
Looks like the crypto casino Metawin was exploited for $4M+ on Ethereum and Solana earlier today.
See 115+ theft addresses tied to the exploiter here.
So far stolen funds have been transferred to Kucoin and a HitBTC nested service.
See 115+ theft addresses tied to the exploiter here.
So far stolen funds have been transferred to Kucoin and a HitBTC nested service.
Cairo Security Unlocked: Zero Knowledge Security Course ( 9 parts)
https://youtube.com/playlist?list=PLUa3vKGsV9PofmXCLrkodJ9GoCSlSEJmW&si=RRTT7rCDV1v4Z32H
Follow for more @ethers_security
https://youtube.com/playlist?list=PLUa3vKGsV9PofmXCLrkodJ9GoCSlSEJmW&si=RRTT7rCDV1v4Z32H
Follow for more @ethers_security
YouTube
Cairo Security Unlocked Zero Knowledge Security Course
Unlock the secrets of Zero-Knowledge Security with our comprehensive Cairo Security Unlocked series. This course, brought to you by Extropy, is designed to e...
Hey) A telegram chat where we share blockchain tools, security checklists, osint instruments and much more. Do not hesitate to join. Reposts and likes are highly appreciated 💜💙
https://news.1rj.ru/str/ethers_club
https://news.1rj.ru/str/ethers_club
Forwarded from Arseniy R
Gm hackers, we have made the public real-time DeFi security feed: https://news.1rj.ru/str/defimon_alerts
For bug bounty hunters we also indexed all smart contracts in scope of Immunefi to notify about proxy upgrades, governance & access control activity. Enjoy!
For bug bounty hunters we also indexed all smart contracts in scope of Immunefi to notify about proxy upgrades, governance & access control activity. Enjoy!
Telegram
Defimon Alerts
Real-time security alerts for DeFi
https://defimon.xyz
https://defimon.xyz
👍2
Malware in the @solana/web3.js
Seen some similar cases of npm takeover in the past. Be careful💫
https://x.com/anza_xyz/status/1864085236432134264?s=46
Linkedin post
Additional research
https://x.com/beeman_nl/status/1864068026120786169?s=46
Seen some similar cases of npm takeover in the past. Be careful💫
https://x.com/anza_xyz/status/1864085236432134264?s=46
Linkedin post
Additional research
https://x.com/beeman_nl/status/1864068026120786169?s=46
👍3
UniV4 Useful Stuff🙏✌️❤️
Bad Hook with Broken Access Control
https://composable-security.com/blog/uniswap-v-4-bad-hook-with-broken-access-control/
Oracle Hook with Malicious Owner
https://composable-security.com/blog/uniswap-v-4-oracle-hook-with-malicious-owner/
Liquidity Theft via Hook Fee
https://composable-security.com/blog/uniswap-v-4-liquidity-theft-via-hook-fee/
Re-initialization Leading to Funds Locked
https://composable-security.com/blog/uniswap-v-4-re-initialization-leading-to-funds-locked/
Threats for Uniswap v4 Hooks
https://composable-security.com/blog/threats-for-uniswap-v-4-hooks/
Further Research to Improve Hooks Security
https://composable-security.com/blog/uniswap-v-4-further-research-to-improve-hooks-security/
🥳Follow for more @ethers_security
Chat @ethers_club
Bad Hook with Broken Access Control
https://composable-security.com/blog/uniswap-v-4-bad-hook-with-broken-access-control/
Oracle Hook with Malicious Owner
https://composable-security.com/blog/uniswap-v-4-oracle-hook-with-malicious-owner/
Liquidity Theft via Hook Fee
https://composable-security.com/blog/uniswap-v-4-liquidity-theft-via-hook-fee/
Re-initialization Leading to Funds Locked
https://composable-security.com/blog/uniswap-v-4-re-initialization-leading-to-funds-locked/
Threats for Uniswap v4 Hooks
https://composable-security.com/blog/threats-for-uniswap-v-4-hooks/
Further Research to Improve Hooks Security
https://composable-security.com/blog/uniswap-v-4-further-research-to-improve-hooks-security/
🥳Follow for more @ethers_security
Chat @ethers_club
Smart Contract Audits - Composable Security
Uniswap V4: Bad hook with broken access control - Smart Contract Audits - Composable Security
The threat scenario covered in this article is "attacker calls hooks directly on the hook contract".
❤2🔥1