Joined August 2008
Jun 10
Bug bounty platforms will need to up their filters. I have a feeling they will get an influx of submissions this week to any open contests. Would love if @HackenProof or @sherlockdefi decided to share numbers!
Introducing Claude Fable 5: a Mythos-class model that we’ve made safe for general use. Its capabilities exceed those of any model we’ve ever made generally available.
Jun 8
When you spend all day with @solana at @LDNTechWeek, on the way home you see Solana everywhere. Monument station.
Jun 8
Starting the week off right with @LDNTechWeek and @solana. Surprises and prizes and special events.
Jun 5
Chill day co-working at Somerset House with @SuperteamUK but this guy looks like he is up to something @archill
Jun 4
Massive supply chain attack live right now. Big credit to @AikidoSecurity for spotting IronWorm: 30 npm packages from AsteroidDAO dropping a malicious Rust binary on preinstall. Steals 86 env vars, AWS/GCP/Vault/AI keys, drains Exodus wallets, then hides with eBPF rootkit Tor. This is exactly why Web3 security isn’t one thing. It’s everything, all the time.
Jun 3
So proud of all the contributors. With enough voices maybe we can make London the heart of crypto
The future of DeFi in the UK shouldn't be decided without the people building it. Today, we submit our response to the FCA's perimeter consultation. Backed by 20 founders, all pushing for rules that can give DeFi a home here. We fight for the progress we need. 🦾🇬🇧
Jun 3
Critical. 3 Highs. Caught. On a 36k-line Rust protocol live on Solana. Here's the four-pass framework that @Fidesiumapp used to find them.
The team audited 36,000 lines of Rust on @AdrenaProtocol . The findings weren't where most auditors look. Here's the framework that surfaced them.
Jun 2
Web3 security isn’t a one-time audit. It’s a brutal, ongoing grind where you must win every single time. Just wrapped a deep audit on Adrena. A live on Solana perps DEX. 36k lines of Rust, 122 instructions, one Critical governance finding, and we shipped a full regression test suite with our custom fuzz harness so nothing slips later. What’s your biggest security blind spot on Solana right now? Defenders grind. Attackers get one lucky shot. Full breakdown here:
Jun 1
Web3 security hot take: Your biggest threat isn't some genius hacker. It's you treating security like a feature instead of oxygen.
Jun 1
Web3 security isn't one thing, it's everything, all the time. Smart contracts? Audited, recently? Supply chain? Still cooked by Trapdoor. Bridge? Forged in 5 mins. Admin keys? 3 of 5 is a minimum. Opsec? Your dev just installed a new package. Stop treating security like a checkbox. It's the whole damn game or you're just funding North Korea's next attack.
May 29
Chill day down at @SuperteamUK Buildstation. Here most Fridays if you or your team ever have any questions about security. Central London #Londonmaxing
May 29
Soooooo.... about the AI bubble.
NEW: AI consultant reveals a client accidentally spent $500,000,000.00 in a single month after failing to set employee limits on Claude usage.
May 28
Using the latest tools and agents to attack your own project is the new necessary step in security. You really want to do this before someone else does.
May 27
In 2012, in a letter to investors, @finkd formalized his famous line - "Move fast and break things. Unless you are breaking stuff, you are not moving fast enough." This is literally the worst advice ever in Web3. Teams ship fast, skip supply chain checks, then Trapdoor-style attacks wipe them out. One malicious dep and years of work and millions gone.
May 27
Interested to see what this is. Looking forward boys.
A completely new security format is emerging. One of the biggest protocols in Web3 is working with Sherlock to put it to the test. June 15 to July 6. More revealed tomorrow.
May 27
-----> Massive supply chain attack live. Trapdoor hit with 34 malicious packages and 384 versions across npm, PyPI, and Rust Crates. Fake dev tools for crypto, DeFi, AI, Solana. Silent install - then - drain wallets, private keys, SSH, AWS creds, GitHub tokens. Only two months to switch from focusing on OpSec to supply chain. Always the next weakest target. Check everything.