Web3 Security Portal
🚀 The Plume Attackathon has launched with a prize pool of $200,000
Plume has opened access to its code, smart wallets, staking protocols, and RWA infrastructure to search for vulnerabilities.
The training academy helps to gain a deeper understanding of the system and increase the chances of success.
The competition runs until August 14 and is aimed at strengthening the security of the Plume ecosystem.
🔗 Details
🛡️ New Lido Finance Security Contest with a Prize Pool of $103,500
Lido Finance is launching a security audit lasting 26 days with significant rewards for finding rare vulnerabilities.
Special attention is given to bond accounting, protecting funds from theft, and preventing protocol attacks.
All details and recommendations are available in the audit documentation.
🔗 Details
🌉 $21 billion in illicit crypto transactions via cross-chain swaps
The volume of suspicious transfers through cross-chain swaps has increased by 211% over two years — from $7 billion to $21.8 billion.
12% of these funds are linked to North Korea, and chain and multi-hop schemes complicate tracking.
DEXs and coin exchange services are actively used for laundering — including splitting funds across 90+ assets and blockchains.
These methods are becoming the norm, enabling bad actors to successfully evade detection.
🔗 Details
🚨 BigONE hack of $27 million via a supply chain attack
The attackers compromised the exchange’s production network and altered its account and risk-control logic.
Private keys were not stolen, but the altered logic let them withdraw $27 million.
The hackers’ addresses have been published for tracking on Ethereum, BSC, Solana, Bitcoin, and Tron.
🔗 Details
🔐 New 9-round Threshold ECDSA from Binance
Binance has implemented a sophisticated 9-round threshold ECDSA protocol for secure joint signature generation without revealing the private key.
The protocol uses MtA protocol and Paillier homomorphic encryption to protect against hacks and enhance fault tolerance.
This is important for multisignature wallets, cross-chain bridges, and other decentralized applications.
Details of the cryptography and proofs will be disclosed in upcoming publications.
🔗 Details
🛡️ SlowMist: Analysis of Web3 Crypto Thefts in Q2 2025
In Q2 2025, SlowMist received 429 reports of crypto theft and helped freeze or recover nearly $12 million.
Main threats: phishing, counterfeit hardware wallets, malicious browser extensions, and social media attacks.
Particularly dangerous are new schemes involving EIP-7702 and fake services for canceling signatures, which mislead users.
The growth of off-chain attacks — through social networks and software — highlights the importance of vigilance and verifying every action.
🔗 Details
⚠️ Scammers stole $101K USDT through a fake address
In one of the recent cases, the fraudsters filled the transaction history with fake transfers to confuse the victim.
The user sent funds to a fake address and lost more than $101,000 USDT.
Such spam in the transaction history is a common trick used by scammers to deceive trusting users.
🔗 Details
🛑 Dangerous Solana bot on GitHub steals crypto assets
Recently, attackers disguised a malicious Node.js project as the popular solana-pumpfun-bot with fake dependencies.
The malware searches for private keys on the victim’s computer and sends them to the server githubshadow.xyz, leading to theft of funds.
To increase trust, the attackers created numerous fake accounts and forks, artificially inflating the project’s popularity.
This incident highlights the risks of using suspicious open-source projects with unverified packages.
🔗 Details
🛡️ Fraudulent Solidity Extension Stole $500K from a Developer
In June 2025, a malicious plugin for Cursor AI with 54,000 downloads disguised itself as a Solidity syntax highlighter but downloaded and executed PowerShell scripts to install remote control.
The attackers exploited the Open VSX ranking algorithm, which promoted their fake extension above the original one that had fewer downloads.
Using a backdoor and stealer, they stole private keys and drained cryptocurrency. The fake extension was quickly removed, but a new one appeared with 2 million downloads and a similar name.
Such attacks on open-source packages are on the rise, threatening the security of Web3 developers.
🔗 Details
🛡️ Hacker began returning the stolen $40 million from GMX
The GMX v1 exploiter drained the liquidity pool of $40 million, but has now started returning the funds after a promise made in an on-chain message.
About $20 million in ETH and FRAX has already been returned, and GMX is offering a white-hat bounty of $5 million for the return of the funds.
The GMX team warned of legal actions in case of non-return and is ready to confirm the legitimacy of the return.
🔗 Details
🛠️ Risk Due to Unverified Token Minting
The lack of verification for token minting in smart contracts opens the door to serious economic attacks.
Critical accounts without verification are a weak point that attackers can exploit.
This often leads to vulnerabilities with potential financial losses.
🔗 Details
🚀 Ethereum Foundation Strengthens Ecosystem Support
The Ethereum Foundation is expanding its ecosystem support structure by focusing on four key areas: accelerating growth, strengthening the community, funding, and removing barriers.
New teams have been created to support developers, enterprises, and local communities, as well as to build partnerships with governments and the academic world.
This reorganization aims to improve Ethereum’s security, resilience, and scalability in the real world.
🔗 Details
🚨 In the USA, charges were filed for a $650 million crypto scam
Two men are accused of a large-scale OmegaPro scheme promising 300% profits, defrauding investors worldwide.
The scam lasted from 2019 to 2023 and included false advertising campaigns and promises of quick wealth.
Hundreds of victims suffered losses, with their investments vanishing without a trace.
🔗 Details
🛡️ A vulnerability occurred outside of Kinto, affecting the $K token on Arbitrum
Hackers attacked the $K token outside the Kinto network, impacting its deployment on Arbitrum.
Other funds in Kinto wallets and bridges are safe and not compromised.
A thorough investigation is underway involving Seal 911, Hypernative, and Zeroshadow.
🔗 Details
🛡️ Baanx launches Bug Bounty with rewards up to $50K
Baanx has announced a Bug Bounty program on Immunefi with rewards of up to $50,000 for finding vulnerabilities in smart contracts and applications.
You can earn up to $50K for critical bugs in smart contracts and up to $25K for vulnerabilities in web and mobile applications.
The program is already active and aimed at strengthening OpenFi security and protecting digital assets.
🔗 Details
🌐 DeFi Learning Using Aave V3 as an Example
The program by @ProgrammerSmart dives into the basics of Aave V3: working with reserves, tokens, and flash loans.
The course includes practical skills in Solidity and testing with Foundry to build real-world applications.
Key processes studied: supplying, borrowing, repaying, liquidations, and interest rate models.
The course helps to understand the depth of the protocol and develop skills for secure DeFi development.
🔗 Details
🛡️ Hackers stole $2.1 billion in crypto in the first half of 2025
Most of it came from infrastructure attacks: theft of private keys and seed phrases, and compromised front-end interfaces.
The largest incident was the Bybit hack of $1.5 billion, possibly the work of North Korea.
In June, Iranian Nobitex was also hacked — losses of $90 million.
🔗 Details
🚨 Phishing due to "Permit": loss of $340K
The victim signed a phishing "Permit" signature and lost $340,117 in USD0++.
The scammer took advantage of carelessness during the signing. Always carefully check all signature requests to avoid this risk.
🔗 Details
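The item above says to check every signature request before signing. As an added example (not from the original digest), here is a wallet-side heuristic review of an EIP-2612 Permit request in EIP-712 typed-data form; the sample request, the spender allowlist and all addresses are constructed placeholders, not real contracts.

```python
"""Heuristic review of an EIP-2612 Permit signing request (EIP-712 typed data).

Added example, not from the original digest. The sample request, the allowlist
and every address below are constructed placeholders, not real contracts.
"""
import json

UINT256_MAX = 2**256 - 1
ONE_YEAR = 365 * 24 * 3600

# Constructed allowlist of spenders the user knowingly interacts with.
TRUSTED_SPENDERS = {"0x1111111111111111111111111111111111111111"}


def review_permit(typed_data: dict, now: int, expected_chain_id: int) -> list[str]:
    """Return warning strings for red flags; an empty list means none were found."""
    warnings = []
    if typed_data.get("primaryType") != "Permit":
        return ["not a Permit request; inspect manually"]
    msg = typed_data["message"]
    domain = typed_data["domain"]
    # A Permit signed for another chain can be replayed where the user did not intend.
    if int(domain.get("chainId", -1)) != expected_chain_id:
        warnings.append("domain chainId does not match the connected network")
    spender = msg["spender"].lower()
    if spender not in TRUSTED_SPENDERS:
        warnings.append(f"unknown spender {spender}")
    # Phishing Permits typically ask for the maximum allowance...
    if int(msg["value"]) == UINT256_MAX:
        warnings.append("unlimited allowance requested")
    # ...and a deadline far in the future so the signature can be used at leisure.
    if int(msg["deadline"]) - now > ONE_YEAR:
        warnings.append("deadline more than a year away")
    return warnings


# Constructed phishing-style request: unknown spender, unlimited value, distant deadline.
SAMPLE_REQUEST = json.loads("""{
  "primaryType": "Permit",
  "domain": {"name": "Token", "version": "1", "chainId": 1,
             "verifyingContract": "0x2222222222222222222222222222222222222222"},
  "message": {"owner": "0x3333333333333333333333333333333333333333",
              "spender": "0x4444444444444444444444444444444444444444",
              "value": "115792089237316195423570985008687907853269984665640564039457584007913129639935",
              "nonce": 0, "deadline": 9999999999}
}""")

if __name__ == "__main__":
    for warning in review_permit(SAMPLE_REQUEST, now=1_752_000_000, expected_chain_id=1):
        print("WARNING:", warning)
```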
🕵️♂️ CPIMP Vulnerability: Large-Scale Attack Partially Prevented
A hidden CPIMP attack (a clandestine proxy that masquerades as a legitimate implementation and resists removal) has been found in several DeFi protocols.
The attacker could control various functions and steal assets while remaining unnoticed on Etherscan.
Thanks to coordinated security efforts, most of the threat has already been neutralized, but the attack continues on vulnerable contracts.
🔗 Details
🛡️ ArcadiaFi Hack: Over $2 Million Stolen Due to a Vulnerability
The attacker exploited a bug in the rebalancing process by faking calls to withdraw assets while repaying minimal debt.
The chain of calls allowed execution of arbitrary code, enabling theft of amounts larger than what was repaid.
The vulnerability was in the executeAction and flashAction functions, which opened access to asset management.
🔗 Details
🚀 Last chance to join School of Solana Season 7
Only 48 hours left to join the training program by the Solana Foundation, which has helped develop 1,517 developers.
The course lasts 9 weeks and includes lessons from security experts, with an opportunity to receive an official blockchain certificate.
The training is free and starts immediately after the application deadline on Wednesday, June 16.
🔗 Details
🌿 Green scam Rowan Energy: clean energy or fraud?
Rowan Energy promised eco-friendly mining on its own "private" blockchain, but a researcher discovered a hidden minting mechanism of over 400 million tokens.
Founder David Duckworth engaged in 69 days of gaslighting, then disappeared with tens of millions, and the SmartMiner devices turned out to be worthless products.
A scammer with ten years of experience just changed industries — now under the guise of "green" technologies, he deceived thousands of investors.
🔗 Details
🚨 Arrest and Quick Release of Bitcoin Developer in El Salvador
Bitcoin developer Jon Atack was detained in El Salvador following a dispute with a neighbor, who accused him of gender-based violence under local law.
An hour after the arrest, Atack was released without charges, with officials highlighting the professionalism of the police and emphasizing that the incident was unrelated to his work on Bitcoin.
The incident sparked widespread discussion within the community about the role of the state and the public reaction to the Bitcoin project in the country.
🔗 Details
🚨 Texture Vaults Exploit of $2.2 Million
On July 9, an attacker exploited the rebalance function in the Texture Vaults contract, transferring approximately $2.2 million to their wallet.
The interface and contract were immediately paused, the issue was fixed, and the funds were returned.
🔗 Details
❤️🔥 Crypto scammers stole $36.9 million through dating websites
Scammers lured victims with trust and crypto advice, directing them to fake platforms showing fictitious profits.
The money was converted into USDT and laundered through Axis Digital branches and crypto wallets in Cambodia.
In 2025, the DOJ seized more than $225 million linked to such schemes, highlighting the growing role of stablecoins in money laundering.
Scammers use complex networks with shell companies and rapid crypto transfers to conceal their activities.
🔗 Details
🛡️ Why Are South Korea’s White Hats the Best?
South Korean white hats are known not only for their diligence and competitiveness.
Hidden factors support their high level, despite the rise of the Lazarus hacker group to 14th place among ETH wallets.
This highlights the complex balance in Web3 security and threats from elite hackers.
🔗 Details
🛡️ Critical backdoor in thousands of smart contracts
On July 7, the VennBuild team discovered a vulnerability in unlaunched ERC1967Proxy contracts that allowed hackers full control.
The backdoor enabled replacing implementations and deceiving Etherscan, remaining undetected and unfixable.
With the help of experts, it was possible to save the majority of funds totaling over $10 million within 36 hours.
The hackers likely waited for a bigger payoff and did not start an attack.
🔗 Details
🛡️ Critical vulnerability in Cove identified and fixed
On June 12, 2025, a dangerous reentrancy bug was discovered and promptly resolved in the Cove liquidity mining program.
The vulnerability was in the 1inch token plugins version 1.0.0 and was used only in Cove, not affecting the 1inch infrastructure.
User funds were not affected, and for security reasons, 652,565 non-fungible COVE tokens were locked.
🔗 Details
🛡️ GMX V1 Hack of $42 Million Due to Smart Contract Vulnerability
On July 9, 2025, the GMX protocol on Arbitrum suffered an attack caused by a reentrancy vulnerability and incorrect accounting of assets under management (AUM).
The attacker used a fraudulent smart contract to artificially inflate the value of GLP tokens and drain more than $42 million from GMX’s liquidity pool.
The issue stemmed from a wrong assumption about the account type and outdated AUM calculation when opening short positions, which allowed bypassing the protocol’s logic.
The GMX team has paused all GLP operations on Arbitrum and called for the return of the funds, offering a $4 million bug bounty.
🔗 Details
🤖 New AI Risks in Web3 Security
Modern smart contract audits are no longer sufficient — it is now crucial to verify the input data for AI/ML models that drive trading bots and oracles.
Poisoned data and hostile AI can bypass contract logic and cause significant losses.
There is also the risk of API key leaks and attacks on off-chain computations that power AI.
The zkML technology promises protection but remains experimental and comes with new vulnerabilities.
🔗 Details