Log inSign up
Decurity
347 posts
user avatar
Decurity
@DecurityHQ
DeFi Security | Tier-1 Security Audit Firm | Top-2 in @Paradigm and @OpenZeppelin CTF | Public audits: github.com/Decurity/audits
decurity.io
Joined October 2011
73
Following
3,546
Followers

New to X?

Sign up now to get your own personalized timeline!

Create account

By signing up, you agree to the Terms of Service and Privacy Policy, including Cookie Use.

Terms·Privacy·Cookies·Accessibility·Ads Info·© 2026 X Corp.
Don't miss what's happening
People on X are the first to know.
Log inSign up
  • user avatar
    Decurity
    @DecurityHQ
    Mar 30, 2025
    Synthetics Implemented Right @leveragesir has been hacked for $355k This is a clever attack. In the vulnerable contract Vault (etherscan.io/address/0xb91a…) there is a uniswapV3SwapCallback function that uses transient storage to verify the caller. Specifically, it loads an address
    39K
  • user avatar
    Decurity
    @DecurityHQ
    Mar 7, 2025
    Here's our detailed postmortem of a recent incident involving @1inch and @trustedvolumes:
    Yul Calldata Corruption — 1inch Postmortem
    From blog.decurity.io
    30K
  • user avatar
    Decurity
    @DecurityHQ
    Jul 18, 2023
    This is a story about how we found a critical vulnerability in @dxsale, helped rescuing more than $5 million, and got offered a $500 bounty.
    Dx Protocol Vulnerability Disclosure: Mitigation of a $5,200,000 Smart Contract Exploit
    From blog.decurity.io
    29K
  • user avatar
    Decurity
    @DecurityHQ
    Mar 21, 2025
    Releasing our new IDA Pro plugin for analyzing Solana's eBPF programs developed by @dewardgnome. Check out the blog post:
    Reversing Solana programs with IDA
    From blog.decurity.io
    9K
  • user avatar
    Decurity
    @DecurityHQ
    Apr 17, 2025
    We analyzed the smart contract hacks from 2020 to 2025 to answer the question: how fast the vulnerable smart contracts get exploited after the deployment? Read the research: time-to-hack.decurity.io
    9.7K
  • user avatar
    Decurity
    @DecurityHQ
    Jul 16, 2024
    Li.Fi bridge was exploited for ~8M USD. The root cause is a possibility of an arbitrary call with user controlled data via `depositToGasZipERC20()` in GasZipFacet which was deployed 5 days ago! One of hack txs: defimon.xyz/attack/mainnet…
    19K
  • user avatar
    Decurity
    @DecurityHQ
    Jul 30, 2023
    pETH belonging to @JPEGd_69 has just been exploited for 11 million USD with a Curve read only reentrancy. An attacker was frontrunned by a MEV-bot: etherscan.io/tx/0xa84aa065c… A screenshot from our monitoring system:
    46K
  • user avatar
    Decurity
    @DecurityHQ
    Apr 16, 2024
    🔬New tool for onchain bug hunters: github.com/Decurity/tx-co… tx-coverage allows to reveal unused code of live smart contracts by collecting coverage from historical transactions. With it you can discover code that was never executed onchain and may contain potential bugs.
    5.7K
  • user avatar
    Decurity
    @DecurityHQ
    Aug 2, 2023
    c0ffeebabe.eth executed a front-run hack for 1.9k $ on pbtc-sbtc-f Curve pool compiled with vulnerable Vyper 0.2.15: etherscan.io/tx/0xe928d5de5… This time a reentrancy was possible due to a ERC-777 callback in sBTC instead of a fallback on eth transfer.
    44K
  • user avatar
    Decurity
    @DecurityHQ
    Mar 28, 2024
    . @PrismaFi hacked for 8 million USD defimon.xyz/attack/mainnet…
    19K
  • user avatar
    Decurity
    @DecurityHQ
    Dec 3, 2024
    Defimon.xyz alerts are now public! Join t.me/defimon_alerts to learn about DeFi incidents in real-time. For bug bounty hunters we indexed all smart contracts from @Immunefi to notify about: ~ Proxy Upgrades ~ Access Control Changes ~ Governance Activity and more
    Defimon - Real-Time DeFi Security Monitoring
    From defimon.xyz
    11K
  • user avatar
    Decurity
    @DecurityHQ
    May 20, 2023
    Looks like Tornado Governance got eventually exploited: etherscan.io/tx/0x65fa5b475…
    user avatar
    Spreek
    @spreekaway
    May 18, 2023
    Possible governance attack (?) underway at TORN. Someone creating hundreds of contracts atomically and then passing zero TORN transfers through before transferring on to gov vault, very weird activity.
    17K
  • user avatar
    Decurity
    @DecurityHQ
    Nov 1, 2023
    Looks like @OnyxProtocol has been exploited for $2 million! defimon.xyz/attack/mainnet…
    15K
  • user avatar
    Decurity
    @DecurityHQ
    Mar 20, 2023
    Our audit reports for the @1inch Fusion contracts are out now! During development and testing, the 1inch contributors' team has resolved the following issues reported by us: ✅ 3 high severity bugs ✅ 1 medium severity bug ✅ 7 low ✅ 16 info Check it out: github.com/Decurity/audit…
    32K