@blockthreat Editor and vCISO. ex @Coinbase Unit 0x / BlockSec @mandiant FLARE, @federalreserve NIRT
Joined July 2010
- Tweets 2,997
- Following 1,129
- Followers 5,673
- Likes 9,049
109 Photos and videos
Peter Kacherginsky retweeted
BlockThreat Community
Introducing community sponsored access to @blockthreat for students, new security researchers, public goods teams, and small DeFi projects.
More details here:
blockthreat.com/supporting-t…
2
6
846
Jun 10
“Once men turned their thinking over to machines in the hope that this would set them free. But that only permitted other men with machines to enslave them.”
Frank Herbert, Dune
Jun 10
Our Anthropic overlords deciding which prompts the peasants are allowed to use.
6
383
Jun 9
Special thanks to @griffgreen and everyone at @thedaofund. It's time to give back.
BlockThreat Community
Introducing community sponsored access to @blockthreat for students, new security researchers, public goods teams, and small DeFi projects.
More details here:
blockthreat.com/supporting-t…
1
8
450
Peter Kacherginsky retweeted
BlockThreat Enterprise Tier gives security teams organization-specific threat intelligence reports, monthly briefings, priority access, and optional tailored feeds based on the exploits, threat actors, techniques, and trends I track every day across Web3.
1
2
8
831
Peter Kacherginsky retweeted
BlockThreat - Week 23, 2026
📈$3.6M stolen across 14 incidents
💰 Zcash patches infinite minting bug
🪲 Full Disclosure and DeFi
🔖 Latest security research and tooling
1
4
9
1,148
TheDAO's Ethereum Security QF Round matching funds have officially been distributed 🛡️
What started as a 500 ETH matching pool from @thedaofund ultimately grew to 638 ETH thanks to support from across the ecosystem.
134 projects have now received funding to continue their work strengthening Ethereum security.
A huge thank you to every donor, contributor, and project that made this round possible.
10
14
60
5,726
this rug was quite well-hidden actually
Jun 7
🚨SlowMist TI Alert🚨
💸 Loss: 14.411518807585587 ETH
🔍 Root Cause: Storage slot collision between `ATOHook.rewards` mapping slot and Solady `ReentrancyGuard` fixed slot (`0x02215292eb9609279094554c6e223f800950648ddfa3da30329838d6c170928d`). The `nonReentrant` modifier in `getReward()` writes sentinel value `0xffffffffffffff` to the guard slot, which is simultaneously read as `rewards[attackContract]` due to the collision. This inflated reward is paid as ETH each call, allowing 200 repeated claims.
📌 Attacker (EOA): 0x2d2aafc193c24e59bd16139056ac9b4df4d37ad0
📌 Victim Contract: 0xa10de71ddb4e0d51938ef6e0118822e157a62888
📌 Attack Contract: 0x2441e480f62bf609a08da09143e4baf8a817d757
Storage collision between reward accounting and reentrancy guard enables unlimited reward drainage.
Powered by #SlowMist.AI
etherscan.io/tx/0xe4e2cc3b06…
9
10
118
34,290
Peter Kacherginsky retweeted
Jun 1
I think something dangerous is happening to audits.
It seems like there are fewer audits and audit prices have gone down.
Cheaper audits should be good right?
Not necessarily
🧵👇
1
3
38
4,504
May 28
Subscribers of @blockthreat know the answer to this and similar questions backed by hard numbers, exact incidents and attack vectors. 😉
May 27
We definitely have had an uptick in DeFi exploits lately with a new exploit almost daily. But is it just me or the vast majority of them are compromised key or other issues stemming from failed opsec rather than smart contract code exploits? (which also points to the centralization of "DeFi").
9
701
Peter Kacherginsky retweeted
BlockThreat - Week 21, 2026
$7.7M was stolen across 11 incidents this week.
10 hacks a week is the new baseline.
This week’s BlockThreat focuses on three attack vectors DeFi projects and security auditors should prioritize immediately.
1
3
12
853
🛡️ The results for the @thedaofund’s Ethereum Security QF Round are LIVE!
This historic round is closing with a HUGE last minute contribution:
@wintermute_t has added $200K to the matching pool 🔥
Wintermute is a well known liquidity provider, and one of the leading supporters of Ethereum security, in fact exactly a year ago today they donated $1M to @_SEAL_Org.
This year they teamed up with TheDAO, @Quantstamp & several other community partners to allocate over $1.6M worth of funding to Ethereum Security Public Goods 👇
79
105
376
142,224
Peter Kacherginsky retweeted
May 27
Recent posts by Manuel Aráoz on AI and DeFi security have been widely circulated, and customers have asked whether they reflect OpenZeppelin's position. They do not.
Manuel co-founded OpenZeppelin and served as the company’s CTO until 2019 when he left the company.
27
75
553
83,044
Peter Kacherginsky retweeted
I wish more people understood this.
Screenshot from @blockthreat article
blockthreat.com/blockthreat-…
3
1
21
782
Peter Kacherginsky retweeted
May 26
My first blog post for @monad's security team is out.
We spent a month building an AI system to hunt vulnerabilities in the Monad blockchain
here's what we learned
38
20
242
36,362
May 22
If you want to tell people the truth, make them laugh, otherwise they'll kill you.
- George Bernard Shaw
1
20
1,832
Peter Kacherginsky retweeted
May 22
A two-part story (in images).
9
12
95
13,073
May 21
Staying current in DeFi security means tracking:
294 Feeds
48 Chatrooms
1124 X accounts
13 Newsletters
8 Incident Repos
100 News Stories
500 Posts, Research Articles and Whitepapers
50 Incident Alerts and Post-mortems
Every week.
You could hire a full-time analyst to read it all, filter the noise, connect the dots, and tell your team what actually matters for DeFi security.
... or you could subscribe to @blockthreat
1
2
14
771
Peter Kacherginsky retweeted
May 20
If you haven't read this research, I strongly encourage you to. It's proof that the whitehat community has been the single biggest factor in keeping crypto safe at scale.
Crowdsourced security works really, really well.
immunefi.com/blog/research/9…
3
10
57
3,505
Peter Kacherginsky retweeted
May 19
This is a timely and great piece written by Peter. As an industry that studies incentives, we need to make sure we are incentivizing the security outcomes we want and rewarding (i.e. paying for) the white hat research and bug hunting required to protect the space... otherwise we'll pay a bigger price tag in the form of hacks. Hopefully "Bloody April" is the peak, not the beginning
1
1
4
568