Co-founder of 🛡️@cyfrin | 🟪 @soloditofficial | 🦅 @codehawks | 🎓 @cyfrinupdraft | ⚔️ @battlechain
Joined September 2019
- Tweets 33,414
- Following 4,650
- Followers 113,628
- Likes 76,845
1,680 Photos and videos
Pinned Tweet
Mar 25
The @battlechain testnet is now LIVE.
Come enter the ultimate red-team platform.
Give us feedback so we can launch mainnet very soon, and fix web3 security.
51
80
568
68,920
Patrick Collins retweeted
Jun 2
We’re proud to introduce the Firelight Risk Consortium!
Together with @cyfrin, @CredoraNetwork, @HypernativeLabs, @nativeinsurance, and @labsGFX, the consortium establishes a transparent, neutral review process for onchain cover events.
medium.com/@Firelight/introd…
164
78
256
93,629
1/ An exciting unlock for @ethereum builders participating in the Ethereum Security Subsidy Program…
As of today, we're onboarding a select group of AI scan and security tooling providers to the subsidy program, making sure projects at all stages of funding and audit readiness can harden their security with industry-leading providers.
12
14
51
6,293
May 24
Don’t leave sensitive data in plaintext
May 24
🚨 BREAKING: Active supply chain attack across npm, PyPI, and Crates.​io.
Socket detected TrapDoor, a crypto stealer campaign hitting 34 malicious packages and 384 versions and artifacts, with attackers repeatedly pushing new releases across ecosystems.
TrapDoor targets #crypto, #DeFi, AI, and security developers, stealing wallets, SSH keys, cloud credentials, GitHub tokens, browser data, env vars, and API keys.
Socket detected releases with a median detection time of 5 minutes, 27 seconds. The fastest detection occurred 58 seconds after publication.
15
8
90
21,304
Patrick Collins retweeted
May 21
Happy to share, Cyfrin has wrapped our audit of @0xspiralstake v2, a non-custodial protocol that amplifies yield using flash-loans on @Morpho.
Read the full report 👇
5
28
96
11,955
Patrick Collins retweeted
May 20
If you have ANY private repos with plain text secrets or sensitive documents/architectures, immediately rotate your secrets
We are investigating unauthorized access to GitHub’s internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHub’s internal repositories (such as our customers’ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.
100
228
2,344
721,934
Patrick Collins retweeted
May 15
I recently turned 33, and every year I want to go back to 21-year-old Patrick with a list of lessons.
If you're in your 20s, these are for you.
Most lessons only land after an ass-whooping. And even then, you usually miss them the first time.
139
217
2,972
328,493
May 16
LinkedIn is not real.
I made a joke about calling myself and idiot, and using that to fuel you to keep learning, and I was flagged for harassing people.
Amazing.
52
5
266
11,273
May 15
I recently turned 33, and every year I want to go back to 21-year-old Patrick with a list of lessons.
If you're in your 20s, these are for you.
Most lessons only land after an ass-whooping. And even then, you usually miss them the first time.
139
217
2,972
328,493
May 15
Weighting every opinion equally feels democratic; it isn't useful.
Next year, I'll have more, because I feel like I've learned a lot every year.
And finally, this isn't a lesson I learned this year, but it's my bonus parting gift👇
3
2
124
12,704
May 15
12. Keep your private keys encrypted at rest or risk getting rekt.
btw, none of this post was AI-generated, thanks.
8
10
326
11,905