Arthur Gervais

AI for Security has never been more exciting. Let me present MAPTA, our multi-agent framework that found multiple (now confirmed!) Remote Code Executions (RCE's) in flagship web products of Tier-1 companies. Why the secrecy? We're good boys, letting them cook patched through responsible disclosure. What's our secret sauce? 1/n

@Icarus_xB top-tier may at times sell more marketing than substance

Not every protocol can afford top-tier audit firms. That doesn’t mean they shouldn’t get audited, they just need the right auditor for the job. I’m building something for that exact need!🤝 #web3 #security

GLM-OCR is indeed a really neat model running beautifully locally

sub agents eat through my codex limits like warm cookies haha

@TheWattenhofer 🤣 so true, what's your verdit on the UK

In Switzerland, everything that is not explicitly permitted is forbidden. In Italy, everything that is not explicitly forbidden is permitted. In Germany, everything is forbidden—even if it is permitted. And in France, everything is permitted—even if it is forbidden.

Nearly 300 incidents so far, including 26 in March alone, and we are only at the 18th of March. That is about 1.5 incidents per day on average, and the rate is still increasing. We are still backfilling data, and a more detailed analysis will come soon. This is a much improved version of my DeFi Attacks SoK (accepted by IEEE S&P, 320 citations), and I think I have surpassed my previous work. The scale of this is honestly quite stunning, and we believe @clara_oracle is highly useful for the entire community. Not entirely sure why Clara has not gained much much more attention yet (Clara only has 250 followers, even fewer than the number of citations I had for my academic paper), so any help in spreading this would be greatly appreciated (Retweet or spread within your network 🙏). Clara will collect more than 1000 incidents soon. Together, we are building a much safer DeFi for tomorrow. Clara will become one of the best security dataset for both academia and the industry. Clara: clarahacks.com DeFi attack SoK: arxiv.org/pdf/2208.13035

@DefimonAlerts lol

💬 Onchain Message: We have identified you and are working with the U.S. Department of Homeland Security - Cyber 1 Darkweb & Cryptocurrency unit. Return 70% of stolen funds to 0x45e2663E0FEE4ABDf1EA7943eC527d6101bE5E34 within 48 hours and keep 30% as a whitehat bounty. No further action will be taken. Ignore this and we will pursue all legal avenues. - Keom Protocol Team etherscan.io/tx/0x8501e3631…

@0xKaden yes, a favorite, which I'm still teaching in class in 2026! also, remember the attacker left much money on the table by choosing sub-optimal parameters: arxiv.org/abs/2003.03810

the bZx protocol had probably the worst security posture of any smart contract protocol in history in february 2020, they suffered not one, but two oracle manipulation exploits [1] within a three day period. with the second one coming after the protocol was deemed to be fixed. ~$350k + ~$600k exploited then in september 2020, they had a self-transfer exploit [2] which resulted in a loss of ~$8.1m and if that wasn't already enough damage, in november 2021, a phishing attack on the developer key [3] allowed the attacker to not only drain the protocol TVL, but also dangling user approvals, resulting in a loss of ~$55m!

Full details, PoC + root cause: clarahacks.com

Source: DefimonAlerts. dTRINITY was exploited on Ethereum in a single tx, extracting ~257.3k dUSD and draining cbBTC backing. This matters beyond one protocol: it breaks a core lending invariant, where share accounting must conserve real reserve value.

@ddimitrovv22 yeah, here's the PoC x.com/clara_oracle/s…

Looks like dTRINITY is exploited due to an inflated index and suffered a ~$260k loss. - attacker took a flashloan and deposited $772 USDC - the collateral was valued at ~$4.8M deu to the inflated index - attacker borrowed $257k in bUSD TX details: etherscan.io/tx/0xbec4c8ae1…

🥰

@hackenclub @VenusProtocol yes, PoC and postmortem at clarahacks.com/incidents/da48…

🚨 @VenusProtocol on BSC was exploited for ~$3.7M on March 15. Root cause: supply cap bypass via direct ERC-20 transfers to a vToken contract, a known Compound V2 design flaw previously flagged in Venus’s own Code4rena audit. Example tx: bscscan.com/tx/0x5aede60c7… ~50 exploit transactions in total. 🧵

Source: DefimonAlerts. New Ethereum exploit: the legacy JAKE meToken hub was drained in one block because reserve accounting could be desynced. Why it matters: ETH meant to stay creator-locked was temporarily treated as sellable liquidity.

@Xbow couldn't agree more

1,060 autonomous attack chains later, the narrative still says “not possible.” The International AI Safety Report 2026 concludes that fully autonomous attacks are not here yet. The experiences of teams deploying real-world autonomous offense tell a different story. In our latest blog, we unpack where the industry’s model of AI offense diverges from what is already operational and what that shift means for defenders: bit.ly/4sjKrnN

C is amazing, first language i learned

@saghul the communication expert @saghul 1. silently fixes a security issue we reported 2. doesn't provide any response until we nudge 3. refuses to assign a CVE (1 click on GH) 4. replies with "I don't collect CVEs" 🤣🤣

Slides from my talk "Jitsi: state-of-the-art video conferencing you can self-host" at #AstriCon slideshare.net/saghul/jitsi-s… #jitsi #webrtc

@aave simply v unlikely that the user didn't understand the implications of this giant slippage

@wholisticguy @al_f4lc0n @immunefi for which targets do you get security reports?

Yeah, the only way anyone could know for sure if it’s legit or not is if the money actually got stolen. I guess that’s why they get paid out the most to return it after it’s gone I get dozens of “security reports” from people fishing for bounties on nonsense non-security issues, it’s very tiresome. Nothing breaks thru that noise like an actual exploit tho

I Saved Injective's $500M. They Pay Me $50K. I like hunting bugs on @immunefi . I'm decent at it. - #1 — Attackathon | Stacks - #2 — Attackathon | Stacks II - #1 — Attackathon | XRPL Lending Protocol - 1 Critical and 1 High from bug bounties (not counting this one) Life was good. Then I found a Critical vulnerability in @injective . This vulnerability allowed any user to directly drain any account on the chain. No special permissions needed. Over $500M in on-chain assets were at risk. I reported it through Immunefi. The next day, a mainnet upgrade to fix the bug went to governance vote. The Injective team clearly understood the severity. Then — silence. For 3 months. No follow up. No technical discussion. Nothing. A few days ago, they notified me of their decision: $50K. The maximum payout for a Critical vulnerability in their bug bounty program is $500K. I disputed it. Silence again. No explanation for the reduced payout. No explanation for the 3 month ghost. No conversation at all. To be clear: the $50K has not been paid either. I've seen others share bad experiences with bug bounty payouts recently. I never thought it would happen to me. I can't force them to do the right thing. But I won't let this be forgotten. I will dedicate 10% of all my future bug bounty earnings to making sure this story stays visible — until Injective pays what I deserve. Full Technical Report: github.com/injective-wall…

@wholisticguy @al_f4lc0n @immunefi I'm not disputing severity but the poc did not show e2e that all tvl can be stolen

@HatforceSec @al_f4lc0n @immunefi Weird criteria that sees a consensus failure as 10X more severe than being able to steal everyone’s money

One thing they probably rely on is this: However, for a report to be categorized as Blockchain/DLT, the resulting impact has to be directly involved with the block production process or with consensus failures. [immunefi.com/bug-bounty/inj…] Then your report would be effectively capped at 50k USD. Which is absolutely sneaky.

@HatforceSec @immunefi I asked, but they didn't reply. They haven't responded to any of my messages.

@al_f4lc0n @immunefi sorry, had missed that. this PoC does not prove the whole chain TVL was instantly stealable though, right?

@HatforceSec @immunefi Check the 'Full Technical Report' link at the end of the tweet for the end-to-end PoC.