Seems yesterday privileged emergencyWithdraw() function was used to withdraw ~520k OG tokens (~$516k) to 0x617E8e3C07bEF319F26C1682270A19e89Ea2bf75
@OG_labs
@EthSecurity1
@OG_labs
@EthSecurity1
The old contract of @ribbonfinance has been drained for a total of $2.7M.
Exploit contract: 0x3c212A044760DE5a529B3Ba59363ddeCcc2210bE
Rootcause : oracle manipulation
Theft addresses:
0x354ad0816de79E72452C14001F564e5fDf9a355e
0x2Cfea8EfAb822778E4e109E8f9BCdc3e9E22CCC9
0x255b29642d1B125a0Ce8529aae61Ad19EE636DDf
0x537dee211543CC9CdEcB8690c5Be248D5b287558
0x46300aA369A59139E70F8Ec75ee9B921e5fdfC6F
0x816f6c6cc941364e3d2DA79442310e385043B479
0xB4f7eD0d3eA5256fA5Dfb2C73a1661ffb7f7beDb
0x40B31Ae97468e9Abd56965D1a3e28DDE1c79d0A3
0xDaDfe088422335C7A49D1de2B439e29Cb90EA5Ca
0x936457bEE1366e0bf05Eb52BB4a9FFFe2e7eF465
0x936457bEE1366e0bf05Eb52BB4a9FFFe2e7eF465
0x49CC128345bCF31A02b1B2B81f836f72E24c97bC
0x354ad0816de79E72452C14001F564e5fDf9a355e
0xCf5DF51A10c097140FB3a367281A4f5313725b1F
0x4c0dc529C4252e7Be0Db8D00592e04f878e4F397
@EthSecurity1
Exploit contract: 0x3c212A044760DE5a529B3Ba59363ddeCcc2210bE
Rootcause : oracle manipulation
Theft addresses:
0x354ad0816de79E72452C14001F564e5fDf9a355e
0x2Cfea8EfAb822778E4e109E8f9BCdc3e9E22CCC9
0x255b29642d1B125a0Ce8529aae61Ad19EE636DDf
0x537dee211543CC9CdEcB8690c5Be248D5b287558
0x46300aA369A59139E70F8Ec75ee9B921e5fdfC6F
0x816f6c6cc941364e3d2DA79442310e385043B479
0xB4f7eD0d3eA5256fA5Dfb2C73a1661ffb7f7beDb
0x40B31Ae97468e9Abd56965D1a3e28DDE1c79d0A3
0xDaDfe088422335C7A49D1de2B439e29Cb90EA5Ca
0x936457bEE1366e0bf05Eb52BB4a9FFFe2e7eF465
0x936457bEE1366e0bf05Eb52BB4a9FFFe2e7eF465
0x49CC128345bCF31A02b1B2B81f836f72E24c97bC
0x354ad0816de79E72452C14001F564e5fDf9a355e
0xCf5DF51A10c097140FB3a367281A4f5313725b1F
0x4c0dc529C4252e7Be0Db8D00592e04f878e4F397
@EthSecurity1
😢5
futureSwap Hacked for $267k
rootcause : DAO arbitrary proposal
Attack transaction: https://etherscan.io/tx/0x39e584cdb52adf6b2ed5bb44bfda0e1b254cb0a3925911cc33d842feaf0a8b95
@EthSecurity1
rootcause : DAO arbitrary proposal
Attack transaction: https://etherscan.io/tx/0x39e584cdb52adf6b2ed5bb44bfda0e1b254cb0a3925911cc33d842feaf0a8b95
@EthSecurity1
Ethereum (ETH) Blockchain Explorer
Ethereum Transaction Hash: 0x39e584cdb5... | Etherscan
Call 0xf3147eb0 Method By Futureswap Exploiter on 0xBc59f04f...4F17bFFA7 | Success | Dec-16-2025 07:52:47 PM (UTC)
Sherlock reported vulnerability to drake exchange - link
34 Auditing Tips for 2026 -link
@EthSecurity1
34 Auditing Tips for 2026 -link
@EthSecurity1
X (formerly Twitter)
SHERLOCK (@sherlockdefi) on X
Sherlock AI reported a High severity vulnerability in @DrakeExchange, an innovative perpetual exchange launching on Monad and currently in active development.
Rounding errors have been the source of some major security incidents in Web3 recently, and Sherlock…
Rounding errors have been the source of some major security incidents in Web3 recently, and Sherlock…
🔥6❤1
yearn finance, railgun, an unverfied contract hacked. oops☹️
X (formerly Twitter)
TenArmorAlert (@TenArmorAlert) on X
🚨TenArmor Security Alert🚨
Our system has detected a suspicious attack involving #RelayAdapt on #ETH, resulting in an approximately loss of $108.7K.
It appears that someone failed to execute the @RAILGUN_Project shield using the RelayAdapt contract, and…
Our system has detected a suspicious attack involving #RelayAdapt on #ETH, resulting in an approximately loss of $108.7K.
It appears that someone failed to execute the @RAILGUN_Project shield using the RelayAdapt contract, and…
😨6😢1
On Oct. 25, El Dorado Exchange
@ede_finance
(https://bscscan.com/address/0xf1d7e3f06af6ee68e22bafd37e6a67b1757c35a9), a GMX fork, lost ~$80k
rootcause: an ELP (LP token) accounting bug. Attacker exploited a mismatch between LP valuation and position accounting, minting ELP from thin air.
@EthSecurity1
@ede_finance
(https://bscscan.com/address/0xf1d7e3f06af6ee68e22bafd37e6a67b1757c35a9), a GMX fork, lost ~$80k
rootcause: an ELP (LP token) accounting bug. Attacker exploited a mismatch between LP valuation and position accounting, minting ELP from thin air.
@EthSecurity1
BNB Smart Chain Explorer
Address: 0xf1d7e3f0...1757c35a9 | BscScan
Contract: Verified | Balance: $45,579.66 across 1 Chain | Transactions: 69 | As at Jan-06-2026 07:16:18 AM (UTC)
EthSecurity
On Oct. 25, El Dorado Exchange @ede_finance (https://bscscan.com/address/0xf1d7e3f06af6ee68e22bafd37e6a67b1757c35a9), a GMX fork, lost ~$80k rootcause: an ELP (LP token) accounting bug. Attacker exploited a mismatch between LP valuation and position accounting…
2025-recap.decurity.io
Defimon 2025 Recap - Decurity
Defimon's 2025 DeFi security recap: 10 major exploits detected in real-time, totaling millions in losses. From deprecated contracts to ERC-4626 attacks, discover the patterns that defined the year of old code vulnerabilities and rounding issues.
🔥7
critical RCE flaw (CVSS 9.9) was found in the n8n workflow automation platform - link
We printed money on Starlink + PolyMarket - link
Polymarket trading bot steal private keys -
Iink
@EthSecurity1
We printed money on Starlink + PolyMarket - link
Polymarket trading bot steal private keys -
Iink
@EthSecurity1
X (formerly Twitter)
nostylist⁺ (@fuckmenostylist) on X
We printed money on Starlink + PolyMarket.
$24k in 15 days. Two devs, no insider info, no signals, no leverage.
Sounds weird? Yeah, it did to us too at first. But when you break it down, it's almost stupidly simple.
The Setup
@Polymarket markets always…
$24k in 15 days. Two devs, no insider info, no signals, no leverage.
Sounds weird? Yeah, it did to us too at first. But when you break it down, it's almost stupidly simple.
The Setup
@Polymarket markets always…
😁6🔥2
9.4 million dollars’ worth of assets on Gnosis Chain were recovered via the December hard fork from the Balancer exploit. Gnosis Chain force other nodes to imply new chain.Rekt
@EthSecurity1
@EthSecurity1
😁9
JFIN Bridge (LCBridgev2Token) hacked for $13.4K
Type: Logic Error (Reward Calculation)
The staking reward calculation allows claiming rewards greater than the contract balance by exploiting the
TX: https://etherscan.io/tx/0xf867d1d7164ac9178d81696c989f65e817b8cab14850345ab3a1f99bbe547210
Victim: https://etherscan.io/address/0x3EbFd0EFC49a27fb633bd56013E4220EBC2c3C6d
CoinGecko: https://www.coingecko.com/en/coins/jfin-coin
@EthSecurity1
Type: Logic Error (Reward Calculation)
The staking reward calculation allows claiming rewards greater than the contract balance by exploiting the
claimReward function which pays out based on accumulated totalReward rather than actual available funds, draining all staked JFIN tokens.TX: https://etherscan.io/tx/0xf867d1d7164ac9178d81696c989f65e817b8cab14850345ab3a1f99bbe547210
Victim: https://etherscan.io/address/0x3EbFd0EFC49a27fb633bd56013E4220EBC2c3C6d
CoinGecko: https://www.coingecko.com/en/coins/jfin-coin
@EthSecurity1
Ethereum (ETH) Blockchain Explorer
Ethereum Transaction Hash: 0xf867d1d716... | Etherscan
Call 0x60806040 Method By 0xb2779442...142637751 | Success | Dec-20-2025 07:49:35 AM (UTC)
❤4🤔2
Seems trust wallet extension been compromised. If you enter pass phrase on web move your assets ASAP
@EthSecurity1
@EthSecurity1
😢10
do not use proton mail service. seems they deliver all customers data to government
@EthSecurity1
@EthSecurity1
👍12😢12👨💻3🤬1
🔥3❤1😱1
Flow blockchain Drops Rollback after $3.9M Exploit
RootCause: unathorized minting wFLOW,wETH,wBTC but validators Halted network no funds loss
@EthSecurity1
RootCause: unathorized minting wFLOW,wETH,wBTC but validators Halted network no funds loss
@EthSecurity1
🙉4
I can not focus on work until persian revolution is going on
Ahoramazda save iran
Ahoramazda save iran
🫡11😁4❤3🙉3👍1💯1
an insolvency bug in RAI's liquidation engine - link
You are thinking about rounding errors wrong - link
An AI security awesome list / learning journey - link
@EthSecurity1
You are thinking about rounding errors wrong - link
An AI security awesome list / learning journey - link
@EthSecurity1
X (formerly Twitter)
Trust (@trust__90) on X
We found an insolvency bug in RAI's liquidation engine. Through returndata-bombing, attackers could abuse a registered callback and make it unliquidatable.
Immunefi mediation confirmed the issue and recommended payout.
Then they reversed course after project…
Immunefi mediation confirmed the issue and recommended payout.
Then they reversed course after project…
❤3🔥1
yesterday Ipor hacked ~ $300K
RootCause : underlying contract delegated by the EOA account controlled by the project team through EIP-7702 contains a vulnerability that allows arbitrary external calls
@EthSecurity1
RootCause : underlying contract delegated by the EOA account controlled by the project team through EIP-7702 contains a vulnerability that allows arbitrary external calls
@EthSecurity1
😢4🔥3😁3😱3
Why fixed-rate lending never took off on-chain - link
Our main goal is to share tips from some well-known bughunters. - link
awesome Checklist - link
@EthSecurity1
Our main goal is to share tips from some well-known bughunters. - link
awesome Checklist - link
@EthSecurity1
X (formerly Twitter)
nico pei (@nicoypei) on X
Why fixed-rate lending never took off on-chain
🔥4
Zcash developers quit after board clash as ZEC drops 17% in 24H
The entire Electric Coin Company team behind Zcash resigned on January 7 after what CEO Josh Swihart described as a constructive discharge by the Bootstrap board.
According to the U.S. Department of Labor, constructive discharge refers to a situation where an employee's resignation is not considered voluntary due to an employer creating a hostile work environment or applying pressure that forces the quit.
@EthSecurity1
The entire Electric Coin Company team behind Zcash resigned on January 7 after what CEO Josh Swihart described as a constructive discharge by the Bootstrap board.
“Yesterday, the entire ECC team left after being constructively discharged by ZCAM. In short, the terms of our employment were changed in ways that made it impossible for us to perform our duties effectively and with integrity.”
According to the U.S. Department of Labor, constructive discharge refers to a situation where an employee's resignation is not considered voluntary due to an employer creating a hostile work environment or applying pressure that forces the quit.
@EthSecurity1
😱5🙉3😁2