BREAKING: Introducing our latest "HashDit Pro" Chrome Extension๐๐ฅณ
The latest Extension will offer :
๐น Powered up Threat Protection (stay SECURED against address poisoning / drainer + any other phishing attacks)
๐น Smart Contract Simulation (preview balance changes and approval changes)
๐น Supporting 7 popular wallets + all EVM chains
๐น Website checker (Clear pop-up warning when visiting malicious websites)
๐ค What you should do if you are using the old Extension? Remove the old Extension and install our latest Extension for continuous improved protection!
Download here NOW for FREE: https://t.co/gaGayreOLI
Stay safe with HashDit Pro! ๐ก๏ธ
๐จ HashDit Alert! ๐จ
We have monitored that VES Finance has been compromised and drained for roughly $109k worth of funds.
The VECAndETH exposed a getReward() function. Internally, earned() -> calculateUSDTToETH(), which relied on PancakeRouter.getAmountsOut using a PancakeSwap liquidity pair price that had been manipulated via a flash-loan swap.
As a result, the attackerโs legitimate reward of 17.14 USDT was mispriced as a payout worth 76.11 BNB, whereas the fair value should have been only about 0.0096 ETH. In total, the contract paid 68.50 ETH to the attacker, with the remainder taken as fees.
Funds have been deposited into Tornado Cash.
Detected by our Internal HashDit AI Triage Monitor.
Stay safe!
@corezcat@GameStopfun@trumpaizzz 2 hours after we released this tweet, the scammer decided to finally rug the remaining ~$57k worth of liquidity.
Funds are now here: https://t.co/l6QdB5tXap
๐จ HashDit Alert! ๐จ
We have monitored that @corezcat as well as @GameStopfun have also rugged their community, in similar fashion, for a total of $93k worth of funds.
Both Token Contracts likewise override the standard ERC-20 balanceOf() to delegate entirely to an external contract "EIP712" and "_cachedThis" which allowed the hacker to arbitrarily change the balances of the Pool + Hack Contract.
Funds are still in the hackers' wallets.
Detected by our Internal HashDit AI Triage Monitor.
Stay safe!
๐จ HashDit Alert! ๐จ
We have monitored that @xpepetrump project has rugged and drained $38.5k worth of funds from the LP..
Root cause: PEPEToken contract (0xc81688968Bd1E8Da313B8F2936852eC4307Cd17f) overrides the standard ERC-20 balanceOf() to delegate entirely to an external contract LockupContractFactory whose unverified code allowed the attacker to set arbitrary nonce values for the PancakePair address via function selector 0x801425e6.
Before the hack, the LockupContractFactory logic contract was maliciously upgraded and changed to include the rug function selector.
Funds are still in the hacker's wallet.
Detected by our Internal HashDit AI Triage Monitor.
Stay safe!
@corezcat@GameStopfun ๐จ The next token to be rugged in this scheme is @trumpaizzz ๐จ
https://t.co/qJk3Bdgjhe
If you are still holding on to this token, we strongly recommend you to sell it asap!!
Stay safe!
๐จ HashDit Alert! ๐จ
We have monitored that @xpepetrump project has rugged and drained $38.5k worth of funds from the LP..
Root cause: PEPEToken contract (0xc81688968Bd1E8Da313B8F2936852eC4307Cd17f) overrides the standard ERC-20 balanceOf() to delegate entirely to an external contract LockupContractFactory whose unverified code allowed the attacker to set arbitrary nonce values for the PancakePair address via function selector 0x801425e6.
Before the hack, the LockupContractFactory logic contract was maliciously upgraded and changed to include the rug function selector.
Funds are still in the hacker's wallet.
Detected by our Internal HashDit AI Triage Monitor.
Stay safe!
๐จ HashDit Alert! ๐จ
We have monitored that @gnosis_ 's X account has been compromised! Do not interact with any posts from the account for the time being, until the issue has been resolved.
Stay safe!
โ ๏ธ Web3 social managers on X: stay alert. Scam phishing emails targeting crypto are circulating again.
If you enter your project's credentials into the fake login page, your X account WILL GET HACKED!
Stay vigilant!!
Refer to this for more information: https://t.co/D7b6ZJDNFv
๐จ HashDit Alert๐จ
Multiple reports indicate that @Humanityprot has been compromised! โ ๏ธ
Our analysis shows >$30M stolen so far, with the exploit still ongoing. Current Root Cause points to Key Compromise.
Funds are here now on ETH: 0x9e995952eF7665B243eeEF0693acD7FEd7150504
0xf3590Fc0D591A3868e19b9A200A85165592f9734
0x59Eff548CD9BcfBc169B6340f734e442c764A814
0x36560d6aC2004e1BB483e77b791E905dd4F5E672
0xAf2a4989922299EB14A29E332dad1012A8aaD3A0
On BSC, 0x6aa22cb8420e94fc2119364b4c7885710ae753bb has minted 100m $H tokens and is currently still dumping with >$350k realized so far!
Stay Safe!
We're aware of a security incident involving the compromise of private keys belonging to a member of the Humanity Foundation. The safety of our community is our top priority, and we want to be fully transparent about what we know.
As a precaution, please do NOT interact with the bridge or any liquidity pools until we give the all clear. This is the single most important step you can take to protect your funds right now. We are actively working with leading security experts and our exchange partners to assess the scope of the incident and secure all affected systems.
We're deeply sorry that this has happened. Protecting this community is our responsibility, and we don't take that lightly. We will share verified updates as soon as we have them and we won't speculate before facts are confirmed.
Official updates will only come from this account or @terencekwok
Beware of the scammers and impersonators who exploit moments like this. We will never DM you first or ask for your seed phrase or private keys.
๐จ HashDit Alert๐จ
Multiple reports indicate that @dxsale has been compromised! โ ๏ธ
Any project with LP funds locked on DxSale should check immediately and withdraw if possible
Our analysis shows around $3M stolen so far, with the exploit still ongoing.
Main Theft address: 0xC4574DDEF299e7E563971e200433e592EeaaFA69
The attacker has also raised locking fees to 100 BNB, effectively blocking normal use.
With Discord, TG, and X all silent, the project appears either fully compromised or rugpulled...
Stay Safe!
๐จ HashDit Alert! ๐จ
A crypto stealer campaign has been identified involving malicious npm packages, for example "token-usage-tracker". This is a confirmed TrapDoor attack designed to steal credentials and crypto assets.
If installed, delete it immediately and rotate your keys/secrets.
To track AI token usage safely, use trusted packages that wrap official APIs, local tokenizers like tiktoken for estimation, and keep cost sheets updated with minimal external dependencies.
Stay safe!
๐จ BREAKING: Active supply chain attack across npm, PyPI, and Crates.โio.
Socket detected TrapDoor, a crypto stealer campaign hitting 34 malicious packages and 384 versions and artifacts, with attackers repeatedly pushing new releases across ecosystems.
TrapDoor targets #crypto, #DeFi, AI, and security developers, stealing wallets, SSH keys, cloud credentials, GitHub tokens, browser data, env vars, and API keys.
Socket detected releases with a median detection time of 5 minutes, 27 seconds. The fastest detection occurred 58 seconds after publication.
๐จ HashDit Update ๐จ
Two oracle service changes are underway:
โข Binance Oracle will transition to @AtlasOracleX , affiliated with @CoinMarketCap , over a 90-day period, with full completion by Aug 6.
โข @PythNetwork is upgrading Pyth Core on July 31, and Hermes users will now require Pyth API keys.
Projects using either provider should update their oracle feed addresses accordingly.
Reported Impact: The exfiltrated data consists of approximately 3,800 GitHub-internal repositories containing GitHub's own platform source code and internal tooling โ not user data, secrets, or third-party code. Critical internal credentials have already been rotated. No evidence of follow-on attacks against GitHub's production platform or customer-facing services has been reported.
๐จ HashDit Alert! ๐จ
GitHub has reported unauthorized access to some of its internal repositories!
Web3 / Crypto devs: now is a good time to audit your repos, check for any abnormal commits and remove any sensitive data that should NOT be there in the first place โ ๏ธ
With AI-powered attacks on the rise, breaches like this will become more and more common. Stay extra cautious with permissions, secrets management, and credential storage ๐ก๏ธ
Stay safe!
We are investigating unauthorized access to GitHubโs internal repositories. While we currently have no evidence of impact to customer information stored outside of GitHubโs internal repositories (such as our customersโ enterprises, organizations, and repositories), we are closely monitoring our infrastructure for follow-on activity.
5/5 ๐ก How can you protect yourself moving forward?
- Pin exact dependency versions
- Avoid `^` / `~` for critical packages
- Delay new package adoption by 7โ14 days
- Use behavior-based supply chain scanners
- Isolate build environments
- Never expose production secrets to npm install hosts
- Enable 2FA on registry accounts
Stay safe!
๐จ HashDit Alert! ๐จ
1/5 The popular `node-ipc` npm package has been compromised with a credential-stealing payload!
Confirmed malicious versions:
- `9.1.6`
- `9.2.3`
- `12.0.1`
If your environment touched these versions, assume risk โ ๏ธ
๐จ Socket detected malicious activity in newly published versions of node-ipc, an npm package with 822K weekly downloads.
Affected versions:
[email protected][email protected][email protected]
Socketโs AI scanner flagged the malware within ~3 minutes of publication.
Early analysis shows obfuscated stealer/backdoor behavior, including host fingerprinting, local file enumeration, payload wrapping, and attempted exfiltration.