Daily Security

A good article https://blog.openzeppelin.com/6-questions-to-ask-before-writing-a-uniswap-v4-hook

A must have to read

Fake extension for the cursorAI IDE code editor infected devices with remote access tools and info stealers, which led to the theft of $500,000 in cryptocurrency: https://x.com/officer_cia/status/1945181172729786643?s=46 #security

An open, precise, and distributed approach to producing and consuming vulnerability information for open source ⬇️ • https://x.com/officer_cia/status/1949100969410679262 #security

The recent ~$140M (R$ 800M) cyberattack on the Central Bank of Brazil services provider C&M Software is easily one of the most insane cases from this year. Six financial institutions experienced unauthorized access to their reserve accounts on June 30, 2025. Attackers converted fiat to BTC / ETH / USDT via Latam OTCs / exchanges. By my estimate at least $30-40M was converted to crypto. Brazilian law enforcement has since shared the threat actor paid an employee at C&M only $2.76K (R$ 15K) for his corporate login and password. I'll publish theft addresses related to the incident that I found when it's ok to share them as I have been helping freeze funds and attributing unlabeled OTCs. Have not seen much coverage on the incident outside of Brazil.

https://unphishable.io - Train to spot Web3 phishing scams — safely, in your browser. -30+ real attack simulations -Testnet only. No real assets. Source: https://x.com/slowmist_team/status/1939914194197135467?s=61

If you guys are looking for a security support for an EVM project/audit, don't hesitate to reach out to @mracken

I’m excited to share that @rata0x and I have been collaborating on the Coinbase data leak for the past few months, assisting U.S. Law Enforcement. Today, we informed the affected victims who worked with us that Coinbase will be compensating them. If you were impacted, please reach out to us—we’ll help you submit your case to coinbase for full recovery. Huge thanks to Coinbase for taking steps to make their customers whole! • https://x.com/officer_cia/status/1923065371315011688?s=46 #security

Interesting 🙂 https://open.substack.com/pub/defihacklabs/p/in-depth-discussion-on-eip-7702-and?r=35gba4&utm_medium=ios

💡Check out the DeFIHackLabs Incident Explorer, guys ❤️‍🔥A cool tool to view hacks, POCs and it also provides different types of statistics ⚠️Source: https://defihacklabs.io/explorer/index.html For questions/proposals, reach out to @huangsun

I got a huge backlog of tools to test. Minus another weekend😅 https://x.com/getreconxyz/status/1912520603392757895?s=46

Sounds interesting🔎🙂 https://x.com/1nf0s3cpt/status/1911696197771018527?s=46