Reposts are welcomed:)
Zk Analysis Tools:
https://bugs.zksecurity.xyz/tools
Zk Bugs:
https://bugs.zksecurity.xyz
Follow for more @ethers_security
Zk Analysis Tools:
https://bugs.zksecurity.xyz/tools
Zk Bugs:
https://bugs.zksecurity.xyz
Follow for more @ethers_security
❤3
a good article for a review:)
https://www.rareskills.io/post/erc-3156
https://www.rareskills.io/post/erc-3156
RareSkills
Flash Loans and how to hack them: a walk through of ERC 3156 | By RareSkills
Flash Loans and how to hack them: a walk through of ERC 3156Flash loans are loans between smart contracts that must be repaid in the same transaction. This article describes the ERC 3156 flash loan specification as well as the ways flash lenders and borrowers…
🔥5
Sounds interesting🔎🙂
https://x.com/1nf0s3cpt/status/1911696197771018527?s=46
https://x.com/1nf0s3cpt/status/1911696197771018527?s=46
X (formerly Twitter)
SunSec (@1nf0s3cpt) on X
🔥AI x Smart Contract Security Tools by the DeFiHackLabs whitehats
DeFiHackLabs whitehats have built 4 powerful AI-driven auditing tools — boosting security, saving time, and catching real bugs (>$60K worth)!
All are open-source & ready to use.
🧵Thread with…
DeFiHackLabs whitehats have built 4 powerful AI-driven auditing tools — boosting security, saving time, and catching real bugs (>$60K worth)!
All are open-source & ready to use.
🧵Thread with…
👍3
I got a huge backlog of tools to test. Minus another weekend😅
https://x.com/getreconxyz/status/1912520603392757895?s=46
https://x.com/getreconxyz/status/1912520603392757895?s=46
X (formerly Twitter)
Recon (@getreconxyz) on X
After over a year of writing, running and iteration on Invariant Testing with Echidna and Medusa.
Saving 100s of millions via audits and over 20 millions of live funds.
We're Open Sourcing the Recon Extension!
The one extension to write and improve your…
Saving 100s of millions via audits and over 20 millions of live funds.
We're Open Sourcing the Recon Extension!
The one extension to write and improve your…
For questions/proposals, reach out to @huangsun
Please open Telegram to view this post
VIEW IN TELEGRAM
🔥3❤1
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
I’m excited to share that @rata0x and I have been collaborating on the Coinbase data leak for the past few months, assisting U.S. Law Enforcement. Today, we informed the affected victims who worked with us that Coinbase will be compensating them.
If you were impacted, please reach out to us—we’ll help you submit your case to coinbase for full recovery. Huge thanks to Coinbase for taking steps to make their customers whole!
• https://x.com/officer_cia/status/1923065371315011688?s=46
#security
If you were impacted, please reach out to us—we’ll help you submit your case to coinbase for full recovery. Huge thanks to Coinbase for taking steps to make their customers whole!
• https://x.com/officer_cia/status/1923065371315011688?s=46
#security
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_secret) on X
I’m excited to share that @rata0x and I have been collaborating on the Coinbase data leak for the past few months, assisting U.S. Law Enforcement. Today, we informed the affected victims who worked with us that Coinbase will be compensating them.
If you…
If you…
https://unphishable.io
- Train to spot Web3 phishing scams — safely, in your browser.
-30+ real attack simulations
-Testnet only. No real assets.
Source: https://x.com/slowmist_team/status/1939914194197135467?s=61
- Train to spot Web3 phishing scams — safely, in your browser.
-30+ real attack simulations
-Testnet only. No real assets.
Source: https://x.com/slowmist_team/status/1939914194197135467?s=61
🔥6
Forwarded from Investigations by ZachXBT
The recent ~$140M (R$ 800M) cyberattack on the Central Bank of Brazil services provider C&M Software is easily one of the most insane cases from this year.
Six financial institutions experienced unauthorized access to their reserve accounts on June 30, 2025.
Attackers converted fiat to BTC / ETH / USDT via Latam OTCs / exchanges. By my estimate at least $30-40M was converted to crypto.
Brazilian law enforcement has since shared the threat actor paid an employee at C&M only $2.76K (R$ 15K) for his corporate login and password.
I'll publish theft addresses related to the incident that I found when it's ok to share them as I have been helping freeze funds and attributing unlabeled OTCs.
Have not seen much coverage on the incident outside of Brazil.
Six financial institutions experienced unauthorized access to their reserve accounts on June 30, 2025.
Attackers converted fiat to BTC / ETH / USDT via Latam OTCs / exchanges. By my estimate at least $30-40M was converted to crypto.
Brazilian law enforcement has since shared the threat actor paid an employee at C&M only $2.76K (R$ 15K) for his corporate login and password.
I'll publish theft addresses related to the incident that I found when it's ok to share them as I have been helping freeze funds and attributing unlabeled OTCs.
Have not seen much coverage on the incident outside of Brazil.
❤3
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
An open, precise, and distributed approach to producing and consuming vulnerability information for open source ⬇️
• https://x.com/officer_cia/status/1949100969410679262
#security
• https://x.com/officer_cia/status/1949100969410679262
#security
Please open Telegram to view this post
VIEW IN TELEGRAM
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_secret) on X
An open, precise, and distributed approach to producing and consuming vulnerability information for open source ⬇️
Forwarded from Vladimir S. | Officer's Channel (Vladimir S. | officercia)
Fake extension for the cursorAI IDE code editor infected devices with remote access tools and info stealers, which led to the theft of $500,000 in cryptocurrency: https://x.com/officer_cia/status/1945181172729786643?s=46
#security
#security
X (formerly Twitter)
Vladimir S. | Officer's Notes (@officer_secret) on X
Researchers from @kaspersky Lab have shared the results of their investigation into an incident involving a blockchain developer who fell victim to a scam.
It turned out that a fake extension for the @cursor_ai IDE code editor infected devices with remote…
It turned out that a fake extension for the @cursor_ai IDE code editor infected devices with remote…