Jeff Security

7 months ago

Made $60k last month from audit 😎 What about you?

21

135

0

21

10K

about 12 hours ago

BSC testnet contracts containing malware Injected JS on hacked sites calls eth_call → pulls full malware payload from on-chain storage. No domain/host to seize, free testnet infra, un-takedownable🫠 https://t.co/GbSqmvmZkQ

1

3

0

122

jeffsecurity retweeted

about 20 hours ago

|￣￣￣￣￣￣￣￣￣￣￣| We need a BD Engineer |＿＿＿＿＿＿＿＿＿＿＿| \ (•◡•) / \ / —— | | |_ |_

9

35

5

7

2K

jeffsecurity retweeted

Founder of @ShieldifySec🛡️ Blockchain security audits. Your security partner, for the long term.

1 day ago

The most expensive bugs aren't always the clever ones. It's often the obvious ones everyone assumed someone else had already checked. Reentrancy didn't die. It just learned to hide behind "we use OZ."

2

7

1

0

293

Who to follow

Mr Anon

@ShieldifyAnon

pashov

@pashov

Security audits @PashovAuditGrp Angel investing @PashovCapital

Owen | Guardian

@0xOwenThurm

Founder, @guardianaudits. $45,000,000,000+ Protected. Host: Permissionless Podcast. Book an audit → https://t.co/M4i98qFCD3

1 day ago

The most expensive bugs aren't always the clever ones. It's often the obvious ones everyone assumed someone else had already checked. Reentrancy didn't die. It just learned to hide behind "we use OZ."

2

7

1

0

293

jeffsecurity retweeted

1 day ago

New audit report, this time for @Bankroll_Status 🤝 Quick audit, solid team, clean code! 🫡 For more details, check out the report at 👇 https://t.co/6T1Qndj73R

1

24

6

10

1K

3 days ago

Sadly "self-custody" is only as strong as the modules bolted onto your Safe. Gnosis just got hit through the Zodiac delay module 😢 https://t.co/ssc9MoWc5m

1

6

0

291

6 days ago

@ShieldifySec @Crushxyz 🫡🫡

0

315

6 days ago

No foolproof fix for prompt injection yet - but you can shrink the blast radius. Good rundown on delimiting untrusted input, scoping permissions & monitoring LLM activity. Relevant if you're securing AI agents 🤖 https://t.co/gLP4Ty6Vzb

1

8

0

269

jeffsecurity retweeted

chrisdior

@chrisdior777

7 days ago

Web3 hackers negotiating a 20% bounty after draining a couple mil:

7

141

13

12

3K

7 days ago

@ShieldifySec No

1

2

0

1

710

8 days ago

Your audit is a snapshot. The codebase is a movie. The diff between them is where the funds go. Re-audit every upgrade like your reputation depends on it. Because it does.

0

5

0

280

10 days ago

Man recovers 5 BTC (~$350k) from a legacy https://t.co/6rEe5Bz5of wallet using Claude AI. https://t.co/ShExWFZoeo

0

6

0

397

10 days ago

1

3

0

297

14 days ago

If you're crossing from web2 sec into web3 (or vice versa), this repo is gold. Hundreds of bug bounty writeups grouped by class - IDOR, race conditions, RCE, SSRF, auth bypass. https://t.co/zJBjAfEpbW

1

31

1

43

1K

14 days ago

ChainSecurity's 2026 ETH security wishlist: - shared whitehat fuzzers - safer signing. - compiler-level 24KB fixes https://t.co/scw5rpfOgc

0

15

0

6

793

16 days ago

Neat find: recursive calldata decoder for EVM txs. handles multicalls, batched txs, and nested ABI-encoded calls that most generic decoders choke on. fully client-side, served via ENS. https://t.co/knO5QijOp9

0

8

0

4

390

19 days ago

@ShieldifySec @Fast_Protocol 😑

0

5

0

88

jeffsecurity retweeted

21 days ago

🚨PSA for anyone considering working with these guys, they don't pay for their audits. We've been chasing the invoice for months! Repost, so no one else wastes their time. @MuratLite @Fast_Protocol @primev_xyz

7

55

12

5

9K

21 days ago

Auditors heads up on these guys! They don't pay for their audits. Repost it🫡

21 days ago

🚨PSA for anyone considering working with these guys, they don't pay for their audits. We've been chasing the invoice for months! Repost, so no one else wastes their time. @MuratLite @Fast_Protocol @primev_xyz

7

55

12

5

9K

1

22

0

2

2K