Bimoo

Per coffeexcoin -
"The SSS_HQ $SSS LP was just drained on blast. The OOO - the balance for "from" and then sets the balance for "to" - if these are the same address, the "toBalance" does not take into affect the decrement of "amount" and just overwrites the balance with the initial balance + transferred amount."

/Web3 Security

10503

Preston

@ptonewreckin·

In crypto you don’t even need to steal users money, they’ll just give it to you

Trezor’s x.com account is compromised. Expect tales of a ‘sophisticated’ actor 😂

Per Zach, $122.5M USD sent to Solana "pre-sale" addresses since March 12th

Lots of genuine questions surrounding the design and implementation of THORFi. Here's a (mostly up to date) e2e breakdown of how the solution works - https://www.youtube.com/watch?v=AaqHG00RJks and https://www.youtube.com/watch?v=PVpYU5kCOHI

$120m valuation for implementing webrtc. not gonna lie, i'm both jealous and flabbergasted

10503

Preston

@ptonewreckin·

Costs $4 to send my buddy a text message using SolChatCoin. Legitimately curious why message data needs to be on-chain. Send costs, query costs, which problem did we solve?

So who's building with token extensions?

Lots of phishing chatter this morning. Friendly reminder to deploy the necessary mail security records to prevent impersonation and spoofing vectors (SPF, DKIM, DMARC).

ConcentricFi on Arbitrum was compromised through a contract manipulation exploit, losing about $1.6 million. The attacker upgraded Concentric vaults to malicious contracts they controlled, using an 'adminMint' function to mint and drain LP tokens from the LPStaking contract. Connections to OKX exploiter.

Quiet day in the security space ... makes me suspicious

10503

Preston

@ptonewreckin·

https://github.blog/2024-01-16-rotating-credentials-for-github-com-and-new-ghes-patches/

/infosec

10503

Preston