0xCommit

🚨 Join Us for an Exclusive AMA: Evolving Threats in Blockchain Security - Staying Ahead of Hackers 🚨 We’re thrilled to announce an upcoming AMA in collaboration with @HeLa_Labs to discuss the critical threats in blockchain security and how to safeguard emerging ecosystems. As the official security partner for Hela Labs, 0xCommit is providing a comprehensive range of services to ensure security, privacy, and scalability as @HeLa_Labs revolutionizes industries like gaming, healthcare, and finance with its next-gen Layer 1 blockchain. Speakers: • @shivtyg, Founder @ 0xCommit • @18dew, Lead Security Auditor @0xCommitAudits • @Simeonunity Contributor @HeLa_Labs Host: • @shiv_cryptoman BD @0xCommitAudits Stay tuned as we dive into: • Advanced blockchain security measures • Emerging hacking trends and how to defend against them • Innovations in privacy and cryptography 📅 Date: 17th October, 2024 ⏰ Time: 2:00 PM UTC 📍 Join us on Twitter Spaces! x.com/i/spaces/1RDxl…

It was great working with @AtenKrotos and @zk_agi team on this. Wonderful and talented folks.

“A song of Holi, where I evoke narsimha and prahlad within self.” Holi is not just a dance of hues, Not just love in crimson dews. It is the fire where falsehood burns, Where tyrants fall and fate then turns. Within us sleeps the child divine, Prahlad’s faith, unbent by time. Within us waits the lion’s might, Narasimha’s wrath in golden light. The pyre blazed, the witch did sneer, Yet truth stood firm, untouched by fear. Holika fell, her magic failed, For dharma’s shield has never paled. And then the tyrant roared with hate, Blinded by his lofty state. “Where is your God?” he mocked and jeered, His throne of blood in dark was steered. But from a pillar, stone and cold, Burst forth the force of legends old. Neither man, nor beast, nor sword nor flame, Narasimha came, none dared his name. No steel he bore, no blade he drew, Yet doom upon the demon flew. With claws divine, his ribs were torn, A tyrant slain, a world reborn. And so today, when Holi nears, Awaken, sons, dissolve your fears! This is not just a day of mirth, It marks the triumph of dharma’s birth. Do you not hear the echoes call? The demons rise—they seek your fall! The ones who hail Aurangzeb’s hand, Still chain our gods, defile our land! The same who burned Chittor’s bright grace, Who laughed at Rajputi embrace— The Holi flames were bathed in red, As saffron warriors fought and bled. And even now, from Bengal’s shores, To temple gates with broken doors, The demons march with blades anew, And still, we ask if love is due? No, Holi is the lion’s cry! To rise, to roar, to never die! To tear apart the chains that bind, And cleanse the world of darkened mind. So smear the red—of dharma’s fight! Let saffron burn in sacred light! For love is not to weaklings thrown, But only where its worth is known!

Reach out to us in X, Substack and Telegram: Telegram: t.me/OxCommitAudits Website: 0xcommit.com Substack: 0xcommit.substack.com

7/ Homomorphic Encryption & Secure Computation 🔹 Enables computation on encrypted data without decryption. 🔹 Used for privacy-preserving smart contracts. 🔹 Ensures secure data sharing in DeFi & enterprise applications

🛠️ Upcoming Ethereum Upgrades: What’s Changing? Ethereum continues to evolve, bringing major upgrades that will enhance scalability, security, and efficiency. Let’s dive into the most anticipated changes and how they will shape Ethereum’s future! 👇

Reach out to us in X, Substack and Telegram: Telegram: t.me/OxCommitAudits Website: 0xcommit.com Substack: 0xcommit.substack.com

6/ 🚨 @Bybit_Official - Bybit states that multisig signers saw a masked UI displaying the correct @safe wallet address. However, they unknowingly signed a transaction upgrading a proxy, injecting malicious logic into the Safe wallet. x.com/Bybit_Official…

5/ 🚨 @Bybit_Official ⏱️Time: 21 Feb, 2025 💸Loss ~$1.4B Attack Vector: Safe Multisig wallet Phishing - Attackers, likely Lazarus Group, tricked signers with a masked UI, approving a malicious proxy upgrade. Stolen funds are laundered via Pump.fun, Blackwing.fi, THORChain, LiFi & more.

4/ 🚨 @cardex_space ⏱️Time: 18 Feb, 2025 💸Loss ~$0.183M Attack Vector: Private Key Leakage. - Cardex suffered a breach due to a leaked key in its frontend code, compromising the session signer wallet. Since this signer was shared across all sessions, all users who created sessions were at risk. x.com/0xCygaar/statu…

3/ 🚨 @four_meme_ ⏱️Time: 11 Feb, 2025 💸Loss ~$0.4M Attack Vector: Liquidity Pool Exploit - @four_meme_ was exploited through a frontrunning attack. The attacker pre-created a liquidity pool on PancakeSwap v3 with an inflated token price. Due to a lack of price verification, liquidity was added based on the manipulated pool, allowing the attacker to drain assets. x.com/four_meme_/sta…

#SecurityHackTrack We are back with Weekly hack track from 0xCommit where we bring you the significant attacks of last week.

2/ 🚨 @zkLend 💸Stolen ~$9.55M ⏱️Time: 11 Feb, 2025 🔍 Attack Vector: Empty Market Exploit - zkLend, a top lending platform on Starknet, was exploited due to a flaw in accumulator value manipulation in an empty market via flash loans. The attack leveraged SafeMath's direct division, triggering a rounding-down vulnerability for profit. x.com/zkLend/status/…

1/ 🚨 @ionicmoney 💸Stolen ~$8.8M ⏱️Time: 04 Feb, 2025 🔍 Attack Vector: Fake Collateral Exploit - The Ionic platform on Mode suffered a hack where the attacker exploited an unofficial, counterfeit version of LBTC (Lombard BTC) as collateral to secure loans, leading to a total loss of around $8.8 million. x.com/ionicmoney/sta…

Table Of Content: 1/ @ionicmoney ~$8.8M 2/ @zkLend ~$9.55M 3/ @four_meme_ ~$0.183M 4/ @cardex_space ~$0.4M 5-6/ @Bybit_Official ~$1.46B