Tadev

@raopreetam_ @QuillAudits done!

@0xtadev @QuillAudits please DM

We’re looking for 4-5 Security Audit Interns at @QuillAudits academy who don't just "read" code, but break it. The Stack: Solidity, Rust, Move. Nice to have: Hands-on experience with Testing & Fuzzing (Foundry, Echidna, Medusa). This is an unpaid 3-month internship designed as a high-octane trial. Perform well, and you’ll be fast-tracked into a Full-Time Auditor role. If you think like an attacker and build like a defender, let's talk

@PashovAuditGrp Very cool! Just joined :)

🚨JUST IN: Pashov Audit Group🤝Discord Welcome to our new community with technical topics around security, AI and dev. We live and breathe web3 technologies🫡 Join, RT and comment below for a chance to win 3x full-year Claude/GPT subscriptions👇 discord.gg/pashovauditgro…

@immunefi All Stars base earning: 2047$, 81$ and 31$ ... doesn't hit that hard 🧐

Immunefi All Stars hit hard.

First 4 digits payout for my second contest on @immunefi! Thanks for the opportunity. Feels good but I missed 4 criticals, which is not acceptable. Will review all missed findings and work harder on the next contest 🫡 #OnchainDefender immunefi.com/s/pc/?u=Tadev&…

@0xSimao yeah, what you call hook is the try/catch notification, i thought at first glance you were talking about v4 hooks

@0xtadev It runs out of gas in the hook call when unsubscribing, from the notifier yes

1️⃣ The Contest Academy - Bug Deep Dive #25 0xsimao.com/blog/bug-deep-…

@0xSimao @0xSimao I guess in the alpha , "For Uniswap hooks, it only forwards 300k gas at most on Base" should be "For Uniswap unsubscription notifications, it only forwards 300k gas at most on Base"

Missed one low for my first contest as a SR with @immunefi - Hope to improve coverage next time ! #OnchainDefender immunefi.com/s/pc/?u=Tadev&…

Most protocols spend a lot on audits and bug bounties but have zero internal security Launching whohassecurity.com to highlight the ones that do Having an internal security team should be in every protocol's New Year's resolutions for 2026

@arsen_bt Security

You can become successful auditor If you are ready to work hard. That's why I’m sharing my Web3 Security Book: • Where to focus. • How to learn right way. • How to earn and progress. Follow & comment “Security” and I’ll DM it to you for free!

📢 Calling all Web3 security researchers Our first audit contest will start soon⚡️ 🗓️ 17/11 → 23/11 — 18:00 CET Protocol: @Alignerz_ Type: Token launchpad Solidity (~1500 nSloc) 💰 Prize Pool: 45,000 USDT H/M: 20k • L: 3k LSG1: 6k • LSG2: 6k Winner Bonus: 7.5k • Judge: 2.5k Think you can secure the codebase? Join the contest: discord.gg/UxrgEnbY 💂🏻‍♂️ Two Senior Guards are already in place. Can you rise to challenge them?

First high on @immunefi feels different #immunefitribe immunefi.com/s/ss/?severity…

We ran a blind, empirical test on most AI audit agents in the web3 space, using real contests. The results? Most tools missed critical flaws, drowned users in false positives or fail to run at all. Thread 👇

@CryptoPicsou @extendedapp

Hors Hyperliquid, quels sont les meilleurs Perp DEX selon vous (pour ce qui est du produit et hors incentives) ?

First paid bug on @immunefi, now chasing highs and criticals #immunefitribe immunefi.com/s/ss/?severity…

@kankodu Ah yes I get it, I thought you meant borrowing other assets using donated tokens as collateral, crystal clear now thanks

@tristan_angles A user can deposit any other asset that is accepted as collateral and borrow these donated tokens. The total shares for the newly added asset doesn't have to change.

How to drain an entire lending protocol when a new asset is accepted as collateral 🧵 And no, it’s not just another Compound fork.

@kankodu @kankodu can you explain in more detail how it is possible to borrow against donated tokens when total shares is 0? The user who donated cannot borrow as the shares he owns is 0? this is the only part I don't understand in the exploit you describe. thank!

An attacker can donate to the reserves when the total shares is zero and borrow from the donated tokens long enough for <500 wei of fee shares to be minted to the protocol.

1/ Starknet is already the most cost-effective Rollup, and it just got even cheaper. v0.13.5 is here, featuring the powerful Stateful compression, ensuring that Starknet remains cost-efficient, even as demand for Ethereum blobs increases. Let’s break it down 🧵