@SmartStateTech profile picture
SmartState | Smart contract audits & Web3 security @SmartStateTech
Joined June 2021
  • Tweets 639
  • Following 225
  • Followers 562
184 Photos and videos
🔍 Have you heard of a watering hole cyberattack, where the user can do literally nothing suspicious and yet got compromised? Find out how the watering hole attack works and how to stay protected in our latest blog post #cybersec #infosec #Web3security smartstatetech.medium.com/wh…

What is a watering hole cyberattack?

A watering hole attack is a targeted cyberattack where attackers compromise a legitimate website that a specific group of people frequently…

medium.com
2
1
5
151
SmartState | Smart contract audits & Web3 security retweeted
Diana Martens@d191tald1
Jan 20
That’s HOT! 🔥 We (my working group)’ve discovered PRIME number properties, distribution lаw and PRIME NUMBER CHECK that is algorithmically easy and computationally cheap for ANY number size! 🔥 Publications to be released soon, stay tuned! #math #primes en.wikipedia.org/wiki/Prime_…

Prime number - Wikipedia

en.wikipedia.org
1
1
104
💳 In a few days, SWIFT has planned a global shift to the ISO 20022, which aims to change the TradFi. What is this standard, how does it relate to the blockchain industry, and what twists might it bring? Learn more in our recent article #Web3 #compliance smartstatetech.medium.com/a-…

A SWIFT shift: what is ISO 20022 and how is it related to the blockchain industry?

On November 22, 2025, SWIFT, a key player in global financial payments with over 11,000 connected institutions, will transition from its…

medium.com
1
2
388
🚨 Massive supply chain attack reported. Hackers hijacked npm packages with ~2.6B weekly downloads. Injected malware intercepts crypto / Web3 browser activity, manipulates wallets & rewrites payment destinations #cryptosecurity #cybersecurity #infosec bleepingcomputer.com/news/se…

Hackers hijack npm packages with 2 billion weekly downloads in supply chain attack

In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after compromising a maintainer's account in a phishing attack.

bleepingcomputer.com
2
1
4
7,803
SmartState | Smart contract audits & Web3 security retweeted
CrossCurve
@crosscurvefi
1 Sep 2025
🛡️ Perfect score on SmartState’s audit of CrossCurve’s MetaLayer CLP We’re excited to announce that our CLP has passed the audit by @SmartStateTech with flying colors!  What did the audit reveal? 🔎
14
21
92
29,791
💻 Do you know how price oracle manipulation vulnerability can compromise the integrity of your entire #DeFi project? Our latest security article breaks down this critical issue and provides tips for prevention 👇 #smartcontracts #defisecurity #crypto smartstatetech.medium.com/pr…

1
3
6,927
🚨 Efimer Trojan targets cryptocurrency users: Kaspersky has recently detected a new crypto stealer malware #crypto #cryptosecurity #infosec kaspersky.com/blog/efimer-tr…

The Efimer Trojan steals cryptocurrency via malicious torrent files and WordPress websites

The Efimer Trojan steals cryptocurrency via WordPress websites and malicious torrent files. Here's how to protect yourself from this new cyberthreat.

kaspersky.com
205
🔐 Access control vulnerabilities are among the top causes of smart contract hacks. Let’s take a quick look at what improper access control attacks are & how to mitigate them 🧵👇 #DeFi #crypto #DeFiSecurity
🔐 Access control vulnerabilities are among the top causes of smart contract hacks. Let’s take a quick look at what improper access control attacks are & how to mitigate them 🧵👇 #DeFi #crypto #DeFiSecurity

ALT 🔐 Access control vulnerabilities are among the top causes of smart contract hacks. Let’s take a quick look at what improper access control attacks are & how to mitigate them 🧵👇 #DeFi #crypto #DeFiSecurity

1
1
396
more replies
6/❗️ Important: If you vibe code smart contracts for your #crypto project using AI, keep in mind that LLMs can't handle access control design part for you as there's no one-size-fits-all approach to implementing access control, and there are too many varied examples over the net
1
1
283
7 EOT / And several useful pro tips: - Proper design = fewer sleepless nights for devs & users - Consider each function as a potential entry point - Explicitly define access rules for all sensitive operations - And never trust user input without validation 🛡️ #blockchainsecurity
177
❗️ Wiz Research has detected an active malicious cryptomining campaign targeting both Linux and Windows systems #crypto #cybersecurity #infosec wiz.io/blog/soco404-multipla…

Soco404: Multiplatform Cryptomining Campaign | Wiz Blog

Wiz Research has identified a new iteration of a broader malicious cryptomining campaign, which we’ve dubbed Soco404.

wiz.io
2
322
🔐 Random smart contract security fact: pseudo-randomness is a quite common security issue in blockchain development. Know more about pseudo-randomness and entropy illusion vulnerability in our recent article 👇 #crypto #blockchain #blockchainsecurity smartstatetech.medium.com/wh…

What is entropy illusion vulnerability?

Blockchain systems offer great opportunities for projects and devs, but like any other system, they have a number of certain limitations…

medium.com
1
3
287
🚨 Supply chain attack flagged in ETHcode VS Code extension update #Ethereum #EVM #infosec thehackernews.com/2025/07/ma…

Malicious Pull Request Targets 6,000 Developers via Vulnerable Ethcode VS Code Extension

Researchers uncover a supply chain attack targeting the Ethcode VS Code extension, affecting 6,000 users.

thehackernews.com
1
343
🚨 Bitcoin Depot reports data breach exposing personal data of nearly 27,000 crypto users #Bitcoin #crypto #infosec cointelegraph.com/news/bitco…
2
431
⚙️ Building on Solana? Deciding between Anchor and native Rust for your programs? Let’s break it down! Anchor simplifies dev with macros & tools, while native Rust offers max control. Here’s a quick guide to help you choose 🧵👇 #Solana #Web3 #DeFi #SolanaDeFi
⚙️ Building on Solana? Deciding between Anchor and native Rust for your programs? Let’s break it down! Anchor simplifies dev with macros & tools, while native Rust offers max control. Here’s a quick guide to help you choose 🧵👇 #Solana #Web3 #DeFi #SolanaDeFi

ALT ⚙️ Building on Solana? Deciding between Anchor and native Rust for your programs? Let’s break it down! Anchor simplifies dev with macros & tools, while native Rust offers max control. Here’s a quick guide to help you choose 🧵👇 #Solana #Web3 #DeFi #SolanaDeFi

1
2
545
more replies
8/ In sum: ✅ Anchor’s ecosystem, tools, & simplicity make it the go-to for most Solana devs. ✅ Native Rust is for those who need total control (and can handle it)
1
1
144
9 EOT / Want to dive deeper? Check Anchor: anchor-lang.com/ or Solana docs: docs.solana.com/ What’s your pick? 👀 Drop your thoughts 👇
1
76
Load more