1/ 🚨 BREAKING: HYDN rescued over $600k of user funds during an attack on @SushiSwap.
Our team was the first to identify a critical vulnerability and worked quickly with SushiSwap to rescue user funds.
Here's the inside scoop on how it all went down.👇
#blockchain #sushi
⚡️We've got some last minute availability for Smart Contract Audits in June, head to the website or send us a message on Telegram to get a quote - https://t.co/trF9JbZ8M0
Your DLP tools don't catch an employee pasting source code into a coding assistant or uploading a contract to an AI summariser.
Shadow AI bypasses most of the controls enterprises have spent years building. New post on why it's harder to detect than most teams realise.
https://t.co/sQp1aRQ7G5
Another private key compromise.
Learn more about HYDN's Red Team services to see how we can help protect your company from attackers.
https://t.co/YG4fxeQgzX
The StakeDAO deployer private key (0x000755Fbe4A24d7478bfcFC1E561AfCE82d1ff62) was compromised. The attacker used it to reconfigure the LayerZero v2 OFT peer on the vsdCRV (Vote Boosted sdCRV) token contract, redirecting trust from the legitimate Ethereum-side vsdCRVOFTAdapter to an attacker-deployed malicious contract - then sent a forged cross-chain message that minted 5,446,744,073,709 vsdCRV (~5.4 trillion tokens).
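The pattern described in the post above (a compromised key calls `setPeer` on an OFT contract, then a cross-chain message from the new "peer" mints an implausible amount) is one that on-chain monitoring can catch. The following is an added example, not code from HYDN, Stake DAO or LayerZero: a small monitor that replays decoded OFT events against an allowlist of expected peers and a supply sanity cap. The event names follow LayerZero v2 OApp/OFT conventions (`PeerSet`, `OFTReceived`) but the field layout, endpoint IDs, addresses and cap are assumptions constructed for illustration.

```python
"""Defender-side monitor for LayerZero v2 OFT peer changes and oversized mints.

Added example, not from the original feed. Event layout, endpoint IDs,
addresses and the supply cap are constructed placeholders (assumptions).
"""
from dataclasses import dataclass
from typing import Dict, List

# Assumed allowlist: endpoint ID -> the only adapter that may send us mints.
EXPECTED_PEERS: Dict[int, str] = {
    30101: "0x" + "a1" * 20,  # placeholder for the legitimate Ethereum-side adapter
}
# Assumed sanity cap on cumulative minted supply (18-decimal token).
EXPECTED_SUPPLY_CAP = 10_000_000 * 10**18


@dataclass
class Event:
    block: int
    name: str   # "PeerSet" or "OFTReceived"
    args: dict  # decoded event arguments


@dataclass
class Alert:
    block: int
    kind: str
    detail: str


def to_bytes32_addr(addr: str) -> str:
    """LayerZero stores peers as bytes32: a 20-byte address left-padded with zeros."""
    return "0x" + addr[2:].lower().rjust(64, "0")


def monitor(events: List[Event],
            expected_peers: Dict[int, str] = EXPECTED_PEERS,
            supply_cap: int = EXPECTED_SUPPLY_CAP) -> List[Alert]:
    """Replay events in block order and raise alerts on trust or supply anomalies."""
    trusted = {eid: to_bytes32_addr(a) for eid, a in expected_peers.items()}
    tainted = set()   # endpoint IDs currently pointing at an unexpected peer
    minted = 0        # cumulative amount received (minted) on this chain
    alerts: List[Alert] = []

    for ev in sorted(events, key=lambda e: e.block):
        if ev.name == "PeerSet":
            eid, peer = ev.args["eid"], ev.args["peer"].lower()
            if trusted.get(eid) != peer:
                # Any peer not on the allowlist is treated as hostile until reviewed.
                tainted.add(eid)
                alerts.append(Alert(ev.block, "PEER_CHANGED",
                                    f"eid {eid} now trusts {peer}"))
            else:
                tainted.discard(eid)
        elif ev.name == "OFTReceived":
            src, amount = ev.args["srcEid"], ev.args["amountReceivedLD"]
            minted += amount
            if src in tainted:
                alerts.append(Alert(ev.block, "MINT_FROM_UNTRUSTED_PEER",
                                    f"{amount} received from eid {src}"))
            if minted > supply_cap:
                alerts.append(Alert(ev.block, "SUPPLY_CAP_EXCEEDED",
                                    f"cumulative minted {minted} > cap {supply_cap}"))
    return alerts


# Constructed sample: a legitimate peer configuration and a normal transfer,
# followed by a peer swap to a placeholder attacker contract and a huge mint.
SAMPLE_EVENTS = [
    Event(100, "PeerSet", {"eid": 30101, "peer": to_bytes32_addr("0x" + "a1" * 20)}),
    Event(101, "OFTReceived", {"srcEid": 30101, "amountReceivedLD": 1_000 * 10**18}),
    Event(200, "PeerSet", {"eid": 30101, "peer": to_bytes32_addr("0x" + "bb" * 20)}),
    Event(201, "OFTReceived", {"srcEid": 30101,
                               "amountReceivedLD": 5_446_744_073_709 * 10**18}),
]


def run_example() -> List[Alert]:
    return monitor(SAMPLE_EVENTS)


if __name__ == "__main__":
    for a in run_example():
        print(f"block {a.block}: {a.kind}: {a.detail}")
```

On the constructed sample the monitor stays silent through the legitimate configuration and transfer, then raises a `PEER_CHANGED` alert at block 200 and both `MINT_FROM_UNTRUSTED_PEER` and `SUPPLY_CAP_EXCEEDED` at block 201. The point of the two independent checks is that either signal alone (a peer swap or an out-of-band mint size) is enough to page an on-call engineer, which matters when the key that performed the swap is the same one expected to perform legitimate upgrades.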
Your employees are using AI tools your security team has never heard of.
They're pasting customer data, internal documents, and sensitive queries into models running on infrastructure you have no visibility into and no logging on.
HYDN surfaces what's already in your environment, turns it into structured intelligence, and routes it into your SIEM, so you can see who is using which AI tools, with what data, before it becomes a breach.
https://t.co/wMRJTs56kG
Another OpSec failure resulting in a hack...it's time for companies to start taking security more seriously.
Learn more about HYDN's Red Team services to see how we can help protect your company from attackers.
https://t.co/YG4fxeQgzX
We’re aware of the security reports linked to rewards payout. User funds and market resolution are safe.
Findings point to a private key compromise of a wallet used for internal top-up operations, not contracts or core infrastructure.
More updates to follow.
1/ We are sharing additional details regarding our investigation into unauthorized access to GitHub's internal repositories.
Yesterday we detected and contained a compromise of an employee device involving a poisoned VS Code extension. We removed the malicious extension version, isolated the endpoint, and began incident response immediately.
Another exploit that came from a compromised key and not a smart contract bug. It's imperative that teams get their full stack security tested beyond just an audit of the smart contracts.
Get in touch with HYDN to see how we can help with penetration tests and red team exercises to help prevent these sorts of hacks.
https://t.co/d1sbJrFrbP
Earlier today, Echo Protocol identified unauthorized activity involving eBTC on Monad that resulted in unauthorized minting and associated fund loss.
Our investigation indicates the issue originated from a compromised admin key affecting the Monad deployment. Based on current findings, approximately $816K was impacted on Monad. The Monad network itself was not impacted and continues to operate normally.
Since detecting the incident, we have been actively investigating potential cross-chain exposure, coordinating with ecosystem partners, and implementing additional precautionary measures. We have successfully regained control of our admin keys and burnt the remaining 955 eBTC that was in the attacker’s possession.
🚨 The Versus Bridge hack is the 8th major bridge hack of the year so far, bringing the total stolen to over $300m...and it's only May.
If projects aren't doing continuous security, they're way behind the hackers already and AI is only making this worse.
@adeolRxxxx Definitely. We always recommend multiple audits from different companies and contests if teams can afford it. As many eyes as possible on the code is always useful.
@A_Leutenegger Part 3 is way overlooked in web3 atm. Anything to do with supply chain risks, red teaming, tabletop exercises, even basic pen testing is still overlooked by most projects. They just think audit = done.
@0xnirlin We built one a couple of years ago that actually did this. We never ended up launching it because when we spoke to some of the biggest DeFi projects they either didn't want to pay much for it, or thought it went against decentralisation ethos...just sticking with hacks.