It's evolving! Thanks Immunefi for the mediation process! Gotta catch 'em all!

Severity upgrades happen only on Immunefi, because we care more about real report levelling than anyone else. The truth is what counts with us. So much more on this is coming, ready yourself. And in the meantime keep hunting and winning! We all love to see it.

Having a good way to create randomness in web3 is very difficult. Luckily Vladimir S. | Officer's Notes has created an amazing article on the subject. 🤝 officercia.mirror.xyz/vUsNhI6GZhXWab…

I came across with this great repo by infosec_us_team. You can check the changes that projects made on their Immunefi programs over time. I hope you never need it! 😁 But good to have at hand github.com/infosec-us-tea…

Vercel is down, and our favorite "decentralized" apps are all down 🎉

Li'l bug wanted to grow and cause trouble in the future, but it was caught in time! Another protocol taking security seriously, not waiting until it was too late. Thanks Immunefi! #immunefitribe

Do you know guys if there are still major chains that haven't implemented the EIP-6780 with the new `selfdestruct` implementation or are not planning to?

Smart Contracts & dApps Workshop Week @ Aleph! 🗓 August 19-22 | 18:00 - 21:00 📍 AreaTres El Salvador Crecimiento 🌞 Aleph Aleph Hackathon theredguild ft. Cristian Marchese Damian Martinelli Patricio Palladino juancito Everyone is welcome, not just Aleph citizens! Details & RVSP 🧵👇

Good luck to the judge.

I've been doing on-chain analytics for a few years, but as crazy as it sounds, I have never published a Dune dashboard. That ends today. I present to you my latest work, a dashboard exploring key metrics for ionic 🟡, on the Mode 🟡. #DuneCon2024

New blog post: Circle CCTP Noble Mint Bug by Evonide. A critical vulnerability in Circle’s Noble CCTP implementation could have allowed the circumvention of message sender verification to mint arbitrary USDC tokens. asymmetric.re/blog/circles-c…

1/ A new #WhitehatSuccess Story! From Barcelona, Spain, neumo was an entrepreneur who fought daily to keep the company started by him and two friends alive. But what started as a few college friends chasing a dream, had lost its spark after 15 years of grinding for clients.

If you're building or auditing a cross-chain dApp, here's a comprehensive checklist that you can go through to make sure you don't miss any potential criticals. Thanks juancito for coming up with it.🫡 github.com/0xJuancito/mul…

Starting the week with an audit with some chads Pashov Audit Group 🫡

Added some new challenges to my CTF challenge repo Think Gnosis Unsafe is worth checking out: github.com/MiloTruck/evm-… Can you execute a transaction without owner permissions in the following contract? Solution is pretty simple if you know the bug

PoC of Penpie exploit 11,113.6 ETH (~$27,348,259 USD) Not ez replay, what a work!!! github.com/SunWeb3Sec/DeF…

There's so much to learn from this POC. True alpha. Thanks Rotciv!

Here is some ALPHA to all the smart contract auditors. Penpie was exploited couple of days ago for ~ $27M. Rotciv wrote a POC of the exploit. You can learn a lot here: github.com/SunWeb3Sec/DeF…

We should see more funds to improve security like this one. Grants for building robust protocols is the best long term bet.