🚨 JUST IN:
@RetoSwap, the largest Monero DEX, was drained for $2.7M.
RetoSwap runs on @HavenoDEX, the P2P Monero trading protocol where the bug was found.
Root cause: Haveno flaw allowing pre-multisig arbitrator spoofing via fake ACK messages.
Trading is halted.
The Aurellion Labs bug is a good reminder that proxy safety is not just "is there an owner?" The contract can have an owner and still be uninitialized. For Diamond/proxy systems, post-deploy checks should assert the initializer is consumed.
https://t.co/eomtyUk6pM
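One way to turn that post-deploy assertion into a script, as an added example (not code from the post above or from Aurellion Labs): read the proxy's raw storage and require both an owner and a consumed initializer. The slot constants, the `get_storage` callback shape, and the in-memory storage dict are assumptions; in production the callback is `web3.eth.get_storage_at(proxy, slot)` and the slots must be confirmed against your own storage layout (a diamond keeps its owner in LibDiamond storage, so pass that slot instead).

```python
"""Post-deploy check for a proxy or diamond: "has an owner" is not "was initialized".

Added example; not code from the original post or from any project it names.
Storage is read through a caller-supplied get_storage(slot) -> bytes32; here a
constructed dict stands in for the chain so the check runs offline.
"""

# Slot constants (assumptions; confirm with `forge inspect <Contract> storage-layout`):
#  - EIP-1967 admin slot, keccak256("eip1967.proxy.admin") - 1
#  - OpenZeppelin v5 ERC-7201 slots for OwnableUpgradeable and Initializable
EIP1967_ADMIN_SLOT = 0xb53127684a568b3173ae13b9f8a6016e243e63b6e8ee1178d6a717850b5d6103
OZ_OWNABLE_SLOT = 0x9016d09d72d40fdae2fd8ceac6b6234c7706214fd39c1cd1e609a0528c199300
OZ_INITIALIZABLE_SLOT = 0xf0c57e16840df040f15088dc2f81fe391c3923bec73e23a9662efc9c229c6a00
ZERO_WORD = b"\x00" * 32


def decode_address(word: bytes) -> str:
    """An address occupies the low-order 20 bytes of a 32-byte storage word."""
    return "0x" + word[12:].hex()


def decode_initializable(word: bytes):
    """OZ v5 packs `uint64 _initialized` in the low 8 bytes and `bool _initializing`
    in the byte just above it. Returns (version, in_progress)."""
    version = int.from_bytes(word[24:32], "big")
    in_progress = word[23] != 0
    return version, in_progress


def check_proxy(get_storage, owner_slot=OZ_OWNABLE_SLOT, init_slot=OZ_INITIALIZABLE_SLOT):
    """Return a report; an empty `problems` list is the post-deploy pass condition."""
    owner = decode_address(get_storage(owner_slot))
    version, in_progress = decode_initializable(get_storage(init_slot))
    problems = []
    if owner == "0x" + "00" * 20:
        problems.append("owner is the zero address")
    if version == 0:
        problems.append("initializer not consumed (initialized version is 0)")
    if in_progress:
        problems.append("initializer flagged as still in progress")
    return {"owner": owner, "initialized_version": version, "problems": problems}


def make_storage(owner_hex: str, version: int, initializing: bool = False) -> dict:
    """Constructed stand-in for chain storage: only the two slots we inspect."""
    owner_word = b"\x00" * 12 + bytes.fromhex(owner_hex)
    init_word = b"\x00" * 23 + bytes([1 if initializing else 0]) + version.to_bytes(8, "big")
    return {OZ_OWNABLE_SLOT: owner_word, OZ_INITIALIZABLE_SLOT: init_word}


def demo():
    """Owner set but initialize() never called vs. a properly initialized proxy."""
    owner = "ab" * 20
    looks_fine = make_storage(owner, version=0)       # owner present, initializer untouched
    actually_fine = make_storage(owner, version=1)    # initialize() consumed version 1
    bad = check_proxy(lambda slot: looks_fine.get(slot, ZERO_WORD))
    good = check_proxy(lambda slot: actually_fine.get(slot, ZERO_WORD))
    return bad, good


if __name__ == "__main__":
    bad, good = demo()
    print("owner-only proxy:", bad["problems"])
    print("initialized proxy:", good["problems"])
```

The first report is the case the post warns about: an owner address is present, so an "is there an owner?" check passes, while the initializer version is still 0 and anyone can call `initialize()`. The pass condition for a deploy pipeline is `check_proxy(...)["problems"] == []`.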
We are about to finalize the audit for @ammomarkets and have uncovered some interesting edge cases around staking contracts and mint flow.
The report will be public soon...
If you are a protocol with a tight budget and need a quality audit before launch, DM us.
An exploit on the Echo Protocol led to a loss of approximately $76.7 million.
Cause: stolen administrator private key (an operational failure) rather than a flaw in the smart contract code.
https://t.co/yefhqHbaXb
⚠️ALERT: ANOTHER MAJOR HACK STRIKES CRYPTO; $76M EXPLOIT HITS MONAD
Echo Protocol on Monad was reportedly exploited after an attacker minted 1,000 eBTC worth roughly $76.6M, as per Lookonchain.
The hacker allegedly used part of the funds as collateral on Curvance to borrow WBTC, bridged assets to Ethereum, swapped them into ETH, and routed roughly 385 ETH through Tornado Cash.
The attacker still reportedly controls around 955 eBTC worth over $73M.
This now marks the THIRD major crypto exploit in just 4 days!
🚨 $11.58M drained from @VerusCoin’s Ethereum bridge in minutes.
The attacker made one tiny real transaction on Verus — ~$10 in fees. Just enough to get a real `txid` on-chain. Nothing valuable. Just a receipt.
He took that receipt + Verus chain data and crafted a PartialTransactionProof.
Then he submitted it to the Ethereum bridge contract via submitImports() → proveImports()
The bridge checked two things:
✅ Does the proof's state root match Verus?
✅ Does the hash match?
What the bridge *never* checked:
❌ "Is this txid actually backed by $11.58M locked on Verus?"
That one missing check cost the protocol:
→ 1,625 ETH
→ 103 tBTC
→ 147,000 USDC
The proof was real. The money behind it wasn't.
Building in Web3 and looking for a security partner without putting a scratch on your runway?
DM us at @slayersecurity or visit https://t.co/a4H62Yepys
We will put everything we know into securing your code, so you can sleep in peace.
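The distinction the Verus bridge thread above draws, inclusion proof versus value proof, as an added example (not Verus or bridge code, and not a reproduction of their message formats): a bridge that verifies a Merkle proof against the known state root and then pays the amount the import message claims, beside one that reads the amount out of the proven leaf itself. The leaf layout (txid || dest || amount), the SHA-256 tree, the `Bridge` class and the sample exports are assumptions constructed for the demonstration.

```python
"""Inclusion proof vs. value proof: a model of the missing bridge check.

Added example; not Verus or bridge code. Leaf layout, hash function, and the
Bridge class are assumptions chosen to show one thing: a proof that a
transaction exists says nothing about how much value it locked unless the
verifier reads the amount out of the proven leaf.
"""
import hashlib


def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def leaf_bytes(txid: bytes, dest: bytes, amount: int) -> bytes:
    """Export record committed into source-chain state: 32 + 20 + 32 bytes."""
    return txid + dest + amount.to_bytes(32, "big")


def merkle_root(hashes):
    level = list(hashes)
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])          # duplicate last node on odd levels
        level = [h(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]


def merkle_proof(hashes, index):
    """List of (sibling_hash, sibling_is_left) from leaf to root."""
    proof, level = [], list(hashes)
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        sib = index ^ 1
        proof.append((level[sib], sib < index))
        level = [h(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        index //= 2
    return proof


def verify_proof(leaf_hash: bytes, proof, root: bytes) -> bool:
    cur = leaf_hash
    for sib, sib_is_left in proof:
        cur = h(sib + cur) if sib_is_left else h(cur + sib)
    return cur == root


class Bridge:
    def __init__(self, state_root: bytes, reserves: int):
        self.state_root = state_root   # checkpointed source-chain root
        self.reserves = reserves       # value actually locked and available to pay
        self.spent = set()
        self.paid = {}

    def _pay(self, dest: bytes, amount: int):
        self.reserves -= amount
        self.paid[dest] = self.paid.get(dest, 0) + amount

    def prove_import_vulnerable(self, txid, leaf, proof, claimed_amount):
        """Checks that the proof is real, then pays whatever the import message claims."""
        if leaf[:32] != txid:
            raise ValueError("leaf does not carry the submitted txid")
        if not verify_proof(h(leaf), proof, self.state_root):
            raise ValueError("proof does not reach the known state root")
        self._pay(leaf[32:52], claimed_amount)       # amount never tied to the leaf
        return claimed_amount

    def prove_import_hardened(self, txid, leaf, proof):
        """Same proof checks, but the payout is read from the proven leaf,
        capped by reserves, and each txid can be imported once."""
        if leaf[:32] != txid:
            raise ValueError("leaf does not carry the submitted txid")
        if not verify_proof(h(leaf), proof, self.state_root):
            raise ValueError("proof does not reach the known state root")
        if txid in self.spent:
            raise ValueError("txid already imported")
        amount = int.from_bytes(leaf[52:84], "big")
        if amount > self.reserves:
            raise ValueError("import exceeds locked reserves")
        self.spent.add(txid)
        self._pay(leaf[32:52], amount)
        return amount


def demo():
    """Attacker's real but tiny export (amount 10) used to claim 700."""
    txids = [h(b"export-%d" % i) for i in range(3)]          # constructed sample exports
    dests = [bytes([i + 1]) * 20 for i in range(3)]
    amounts = [500, 10, 250]                                 # index 1 is the attacker's
    leaves = [leaf_bytes(t, d, a) for t, d, a in zip(txids, dests, amounts)]
    hashes = [h(leaf) for leaf in leaves]
    root = merkle_root(hashes)
    proof = merkle_proof(hashes, 1)                          # a genuine proof for a genuine tx
    vulnerable, hardened = Bridge(root, reserves=760), Bridge(root, reserves=760)
    paid_vuln = vulnerable.prove_import_vulnerable(txids[1], leaves[1], proof, claimed_amount=700)
    paid_hard = hardened.prove_import_hardened(txids[1], leaves[1], proof)
    return paid_vuln, paid_hard
```

`demo()` returns `(700, 10)`: both bridges accept the same valid proof for the same real txid, but only the hardened one pays what the proven record actually locked. The two extra checks (txid marked spent, amount capped by reserves) are the standard companions to "read the value from the proof", not details of the Verus fix.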
After careful consideration, we’ve made the decision to wind down @code4rena. This community has meant a great deal to everyone who has been part of building it, and sharing this news is not easy.
Bug Bounty Week 3 📌
This week, we've processed 14 new submissions.
The updated scoreboard:
- Total Reports: 75
- New Findings: +4 Lows identified and mitigated.
Every submission helps us harden our architecture as we approach our final audit.
Each issue alone may have seemed low severity.
Combined, they formed a complete exploit chain:
become trusted → replay signatures → drain funds.
This is why smart contract audits must analyze system composition and interaction boundaries, not just isolated functions.
TrustedVolumes lost ~$6.7M from 3 compounding vulnerabilities in their RFQ swap proxy. 🧵
The exploit wasn’t caused by one critical bug. It came from multiple smaller issues interacting with each other.
https://t.co/Fy4RCZRxc3
3. Unvalidated transfer source field
The contract trusted user-controlled source addresses during transfers, enabling unauthorized movement of approved funds.
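Why a caller-chosen source address is dangerous in a contract that users have approved, as an added example (a toy model, not TrustedVolumes code): the `Token`, the two `SwapProxy` classes and the account names are assumptions, but the allowance rule they reproduce is the standard ERC-20 one, where `transferFrom` succeeds whenever the caller is approved by `src`, with no regard to who asked the proxy to call it.

```python
"""Why an unvalidated `source` field in a swap proxy drains approved funds.

Added example; a toy model, not TrustedVolumes code. Token, SwapProxy* and the
account names are assumptions; the ERC-20 allowance rule it reproduces
(transferFrom succeeds when the *caller* is approved by `src`) is standard.
"""


class Token:
    """Minimal ERC-20 style balances and allowances."""

    def __init__(self, balances):
        self.balances = dict(balances)
        self.allowance = {}            # (owner, spender) -> amount

    def approve(self, owner, spender, amount):
        self.allowance[(owner, spender)] = amount

    def transfer_from(self, caller, src, dst, amount):
        # The only authorization transferFrom knows: did `src` approve `caller`?
        allowed = self.allowance.get((src, caller), 0)
        if allowed < amount or self.balances.get(src, 0) < amount:
            raise PermissionError(f"{caller} may not move {amount} from {src}")
        self.allowance[(src, caller)] = allowed - amount
        self.balances[src] -= amount
        self.balances[dst] = self.balances.get(dst, 0) + amount


class SwapProxyVulnerable:
    """settle() forwards a caller-chosen `source` straight into transferFrom."""

    def __init__(self, token, address="proxy"):
        self.token, self.address = token, address

    def settle(self, caller, source, recipient, amount):
        # The proxy is the approved spender, so this passes for ANY source that
        # ever approved the proxy, regardless of who `caller` is.
        self.token.transfer_from(self.address, source, recipient, amount)


class SwapProxyHardened:
    """The funds source is the caller itself; nobody else's approval is reachable."""

    def __init__(self, token, address="proxy"):
        self.token, self.address = token, address

    def settle(self, caller, recipient, amount):
        self.token.transfer_from(self.address, caller, recipient, amount)


def demo():
    """Alice approved the proxy (usual for RFQ settlement); attacker names her as source."""
    outcomes = {}
    for name, proxy_cls in (("vulnerable", SwapProxyVulnerable), ("hardened", SwapProxyHardened)):
        token = Token({"alice": 1_000, "attacker": 0})       # constructed balances
        proxy = proxy_cls(token)
        token.approve("alice", proxy.address, 2**256 - 1)   # the usual unlimited approval
        try:
            if name == "vulnerable":
                proxy.settle(caller="attacker", source="alice", recipient="attacker", amount=1_000)
            else:
                proxy.settle(caller="attacker", recipient="attacker", amount=1_000)
            outcomes[name] = ("settled", token.balances["alice"])
        except PermissionError:
            outcomes[name] = ("rejected", token.balances["alice"])
    return outcomes
```

`demo()` returns `{"vulnerable": ("settled", 0), "hardened": ("rejected", 1000)}`. In a real RFQ the source is usually a maker who signed the quote rather than the transaction sender, so the hardened form binds `source` to the recovered signer of an order that carries a nonce and chain domain; that nonce is also what closes the "replay signatures" link in the chain the thread describes.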