🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Announcing: $250,000 OP Labs Competition 🪐 We're working with Optimism and OP Labs to secure their next scalability improvement: Superchain interop. 💰 $225,000 USDC + $25,000 private pot for Fellowship Stewards 📅 Live now - April 7 🔗 Below

.ZachXBT just published a list of tools he uses for sleuthing Bookmark it

.GMX 🫐 🧙🏼‍♂️ related contracts have been hacked for ~6,260 ETH (worth ~$13M)

An initial analysis of the 🧙🏼‍♂️ attack 👇 The CauldronV4 contract allows user to perform multiple actions while the solvency check is at the end of all actions. (P1) The user made 7 actions (P2), where: - 5 = borrow MIM - 30 = call attack contract - 31 = liquidation

🚨 Eagles and Hawks! The original message was published with an incorrect start date. Actual start date: 3 April, 12pm UTC. Thank you for your understanding. Total prize pool: $80k USDC Eagles pool: $6k to lead Eagle, $6k for all Eagles Code: CairoLang ➡️ Requires KYC 👇

🚨 ALERT! Our system has detected a suspicious transaction on Sonic Labs, resulting in a loss of ~$45K. While the relevant unknown contracts are not open source, the issue appears to be an accounting flaw that allows repaying 0 to withdraw collateral and profit. The 'hacker' is

3:55am wake up 3:56am hire a developer

This is the most detailed journey of a smart contract you'll ever find! By Gojo

What a great night at the Web 3 Developers Underground Meetup Web3 Devs Underground 🚀 Had the honour to be a speaker at the event, talk about Web3 security and connect with some great professionals in the industry in person🤝Definitely excited to speak at more meetups to come🎙️

#PeckShieldAlert The $TRUMP dev withdrew 4.6M $USDC from the liquidity pool, bridged the funds to #Ethereum, and deposited them into #Coinbase within the last 14 hours

uWu Protocol was exploited for $19 million. They used Curve's spot price `get_p` function to calculate token prices. Here’s how one Glider query could’ve caught the entire thing:

After 9 wonderful months with Guardian Audits, I decided to pivot into Solana security 3 months ago and spent 2 months preparing without competing. Here comes the result of my first Solana competition: Third win, with 100% coverage in each, at SHERLOCK Can't wait for the

A vulnerability is hidden in this code. Rock. Paper. Scissors. Exploit? Spot the vulnerability and secure the protocol! Special thanks to M3D for contributing this repo. 👇

Exactly 1 year since my first contest. A lot can happen in a year - keep grinding 🫡

The root cause of the Impermax attack is the mispricing of Uniswap V3 NFTs. The way it's pricing its NFT is using fair-pricing (which is robust against flashloan attacks!), but the fees' value are directly calculated: price = (amount0_after_fair_pricing + fee0) *

🚨 There’s a vulnerability hidden in this code 🚨 Can you find it and secure the protocol? CodeHawks First Flight #39 starts now. With special thanks to yeahChibyke for contributing to this repo. 👇

Solidity v0.8.30 just landed! This latest version is a maintenance release in light of the Pectra Ethereum network upgrade and changes the default EVM version from cancun to prague. 📝 Blog: soliditylang.org/blog/2025/05/0… 💾 GitHub: github.com/ethereum/solid… Some important things to

1/ I found an AMM bug in screenshot in my X feed. ZAMM is a hyper gas-optimized AMM. A malicious user can create a new AMM/Coin pair multiple times, allowing them to stash away hidden LP tokens to later rug the pool. Here’s how the bug works:

We're thrilled to be celebrating 10 years of Solidity! Let's look at some highlights from the past decade and get a glimpse into the future. 🧵↓

A detailed analysis of the GMX 🫐 attack. (1) The "refund" logic makes a malicious -> The attacker jail-break the restrictions to perform multiple actions in 1 transaction. As my previous tweet analyzed, the attacker fooled the frontend (the keeper bot) to hijack the control