Daniel Tan

422 posts

Daniel Tan

@DanielSlothx

Security engineer @CertiK | on-chain hack analysis | Saved $200K tokens from a CEX hack

Blockchain Katılım Şubat 2010

572 Takip Edilen200 Takipçiler

Daniel Tan@DanielSlothx·19 Nis

#KelpDAO has paused rsETH contracts across mainnet and several L2s. x.com/KelpDAO/status…

Kelp@KelpDAO

Earlier today we identified suspicious cross-chain activity involving rsETH. We have paused rsETH contracts across mainnet and several L2s while we investigate. We are working with @LayerZero_Core, @unichain, our auditors and top security experts on RCA. We will keep you posted as we learn more about this situation. Please follow only the official @KelpDAO handle for the updates.

English

Daniel Tan@DanielSlothx·17 Nis

#Tether has froze 3.29M USDT to the hackers. x.com/paoloardoino/s… Rhea Fiance has temporarily paused the contracts and are conducting a thorough investigation. x.com/rhea_finance/s…

Rhea Finance@rhea_finance

The RHEA team is aware of an incident affecting the protocol. As a precautionary measure, we have temporarily paused the contracts while we conduct a thorough investigation. We are working closely with key partners, stakeholders, and security experts. Protecting user positions is our immediate priority, and our team is focused on minimizing any potential impact. RHEA team has reached out to the responsible party through on chain transaction. #9BfCGUigv3w8TFRx5n8t5Qira62oBcrcAp2fVeGfFZVC" target="_blank" rel="nofollow noopener">nearblocks.io/txns/6r5c2iZig…

English

108

Daniel Tan@DanielSlothx·17 Nis

#RheaFiance $7.6M hack. A hacker added liquidity in fresh pools with fake tokens to mislead the oracle and validation layer.

CertiK Alert@CertiKAlert

#CertiKInsight 🚨 We have seen an incident affecting @rhea_finance The attacker created fake token contracts and added liquidity in fresh pools, likely misleading the oracle and validation layer. In total, at least ~$7.6M was extracted nearblocks.io/address/31ac7a…

English

158

Daniel Tan@DanielSlothx·9 Nis

@RonghuiGu My pleasure.

English

Ronghui Gu@RonghuiGu·7 Nis

@DanielSlothx Thanks

English

130

Daniel Tan@DanielSlothx·7 Nis

#AIAuditor 28 out 35 real security incidents in 2026 are hit by #CertiK AI Auditor on the first run.

CertiK@CertiK

x.com/i/article/2018…

English

296

Daniel Tan retweetledi

CertiK Alert@CertiKAlert·1 Nis

#CertiKStatsAlert 🚨 @DriftProtocol seems to be a victim of an exploit for ~$136M losses. Funds are currently being laundered or moved. ~$109M in wallet 7RoMqGAcU7S6ESAhPDvB9iSXvASUhuoE8u7dYRxGBew9 solscan.io/account/7RoMqG… Stay vigilant!

English

6.5K

Daniel Tan retweetledi

mattwang85@mattwang85·13 Mar

x.com/i/article/2032…

ZXX

4.1K

Daniel Tan@DanielSlothx·11 Mar

x.com/yieldsandmore/…

YAM 🌱@yieldsandmore

x.com/i/article/2031…

ZXX

Daniel Tan@DanielSlothx·11 Mar

#AAVEMisconfig A misconfiguration on Aave's CAPO oracle caused wstETH E-Mode liquidations, resulting in a loss of 345 $ETH.

Omer Goldberg@omeragoldberg

1/ stETH CAPO Misconfiguration Today, a misconfiguration on Aave's CAPO oracle caused wstETH E-Mode liquidations, resulting in a loss of 345 ETH. No bad debt was incurred, and all affected users will be fully reimbursed. More below.

English

173

Daniel Tan@DanielSlothx·11 Mar

A high-level perspective to look at the security in #zkcircuits that abstracts away from specific languages and proving system docs.google.com/presentation/d…

English

Daniel Tan@DanielSlothx·3 Mar

#ZKVerifierBug on March 10th, the @CertiK Sr. Staff Security Engineer, #XifengJin, will dive into the ZK verifier attack patterns targeting DSL circuits, zkVMs, and proving systems with practical mitigation insights, in the X Space. #CertiK #ZKVM #DSLCircuit #Audit

CertiK@CertiK

As ZK adoption accelerates, verifier-side security is increasingly critical. In this X Space, CertiK Sr. Staff Security Engineer Xifeng Jin examines attack patterns targeting DSL circuits, zkVMs, and proving systems with practical mitigation insights. Set a reminder below👇

English

240

Daniel Tan@DanielSlothx·22 Oca

#Makina $4M #PriceManipulation hack. The MIM-3CRV pool was manipulated by inflating the MIM price through a flashloan, which affects DUSD Caliber to reflect an inflated value, then propagated to the Machine AUM, the DUSD exchange rate, and ultimately to the DUSD/USDC Curve pool.

Makina@makinafi

x.com/i/article/2014…

English

313

Daniel Tan@DanielSlothx·9 Oca

#TruebitProtocol exploit. The root cause of this $26M hack was that the price calculation #overflow and was manipulated. In the vulnerable smart contract, the SafeMath library is not used, and the Solidity version 0.8.0 or higher is also not used.

CertiK Alert@CertiKAlert

#CertiKInsight 🚨 On 8 January 2026, @Truebitprotocol was exploited due to an overflow issue, resulting in a loss of ~$26.6M. To learn more about what happened, read our full analysis here 👇 certik.com/resources/blog…

English

328

Daniel Tan@DanielSlothx·31 Ara

More details from @Foresight_News foresightnews.pro/article/detail…

English

133

Daniel Tan@DanielSlothx·31 Ara

🔟GMX Reentrancy $42M Exploit On Jul 15, 2025, #GMX V1 lost $42M to a reentrancy attack. Ironically, the vulnerability was introduced by the team's own 2022 bug fix, which lacked proper audit. The hacker exploited a time gap in price updates. Most funds were later returned.

English

176

Daniel Tan@DanielSlothx·31 Ara

#Top10HacksIn2025 1⃣Bybit Supply Chain $1.46B Attack On Feb 21, 2025, #Bybit suffered the largest single hack in web3 history, losing $1.46B, due to the North Korean #LazarusGroup executing a supply chain attack, compromising a Safe Wallet developer's machine.

CertiK@CertiK

You’ve read the stats. Now see the scale. This video from the 2025 Skynet Hack3d Report brings Web3’s most critical security data into focus. Watch the key trends that defined the year.

English

391

Keşfet

@RonghuiGu @DriftProtocol @CertiK @Foresight_News @elonmusk @BarackObama @taylorswift13 @cristiano